forbidden word

Format

forbidden word word

undo forbidden word word

Parameters

Parameter	Description	Value
word	Specifies a forbidden password string. After a forbidden password string is configured, new passwords cannot contain this string, regardless of case.	The value is a string of 1 to 255 case-insensitive characters. Except the question mark (?) and space. However, when quotation marks (") are used around the password, spaces are allowed in the password.

Parameter

Description

Value

word

Specifies a forbidden password string. After a forbidden password string is configured, new passwords cannot contain this string, regardless of case.

The value is a string of 1 to 255 case-insensitive characters.

Except the question mark (?) and space. However, when quotation marks (") are used around the password, spaces are allowed in the password.

Views

Rules management view

Default Level

3: Management level

Task Name and Operations

Task Name	Operations
aaa	write

Usage Guidelines

Usage Scenario

To improve device security, run the forbidden word command to set a forbidden password string to prevent users from configuring simple passwords.

Configuration Impact

The forbidden word command takes effect only with local users' passwords. After the forbidden word command is executed, a newly configured or modified password cannot contain any forbidden password string. Otherwise, the configuration fails. If an existing password contains a forbidden password string, the system will prompt the user to change the password. The user, however, can continue to use the password.

Precautions

A device supports a maximum of 32 password configuration rules. Each rule can specify only one forbidden password string.

Example

# Configure huawei and company as forbidden password words.

<HUAWEI> system-view
[~HUAWEI] security password
[~HUAWEI-security-password] rule admin
[~HUAWEI-security-password-rule-admin] forbidden word huawei
[*HUAWEI-security-password-rule-admin] forbidden word company