1-2Function Description ApplicationEncrypted display: The switch protects the displayedpassword. The password is always displayed as a stringcontaining only asterisks (*) in the configuration file or onuser terminal.Passwordprotection andencryption Saving passwords in ciphertext: The switch encrypts andsaves the configured passwords in ciphertext in theconfiguration file.All passwordsLogin attempt limitation: You can use this function toenable the switch to limit the number of login attemptsallowed for each user.Inhibit the user from re-logging inwithin a certain time period. Afterthe period, the user is allowed tolog into the switch again.Inhibit the user from re-logging inforever. The user is allowed tolog into the switch again onlyafter the administrator manuallyremoves the user from the userblacklist.Login attemptlimitation andfailureprocessing.If the number of loginattempts exceeds theconfigured maximumnumber, the userfails to log in. In thiscase, the switchprovides three failureprocessing modes.By default, the switchadopts the firstmode, but you canactually specify theprocessing mode asneeded.Allow the user to log in againwithout any inhibition.Telnet and SSHpasswordsUser blacklistIf the maximum number of attempts is exceeded, theuser cannot log into the switch and is added to theblacklist by the switch. All users in the blacklist are notallowed to log into the switch.z For the user inhibited from logging in for a certain timeperiod, the switch will remove the user from theblacklist when the time period expires.z For the user inhibited from logging in forever, theswitch provides a command which allows theadministrator to manually remove the user from theblacklist.z The blacklist is saved in the RAM of the switch, so itwill be lost when the switch reboots.—System logfunctionThe switch automatically records the following events inlogs:z Successful user login. The switch records the username, user IP address, and VTY ID.z Inhibition of a user due to ACL rule. The switchrecords the user IP address.z User authentication failure. The switch records theuser name, user IP address, VTY ID, and failurereason.No configuration isneeded for thisfunction.
