sysconf user password expire

Configures login failure rate limiting. A user account is locked temporarily upon consecutive failed logins within the set interval. The locked account is unlocked after the specified unlock/release interval.

CAUTION! This feature is not supported for use with Clusters; do not enable it on any Luna Network HSM 7 that is a member of a cluster.

NOTE This command requires Luna Appliance Software 7.9.0 or newer.

User Privileges

Users with the following privileges can perform this command:

>Admin

Syntax

sysconf user password expire [<number>] [-disable]

Argument(s)	Shortcut	Description
<# days to pw expiry>	.	The number of days, after a password change, that the password expires. .If the user then attempts login after the current password has expired, they are prompted to set a new password before they can complete logging in. (1 - 365) Default = 90 Says 99999 days if expiry has not been set.
-disable	-d	Disables the password expiration policy. View the current settings with sysconf user show.

Argument(s)

Shortcut

Description

<# days to pw expiry>

The number of days, after a password change, that the password expires. .If the user then attempts login after the current password has expired, they are prompted to set a new password before they can complete logging in. (1 - 365)

Default = 90

Says 99999 days if expiry has not been set.

-disable

-d

Disables the password expiration policy.

View the current settings with sysconf user show.

Example setting password expiry to a specific number of days

lunash:>sysconf user password expire 33

User password expiration set to 33 days successfully.

Command Result : 0 (Success)
lunash:>sysconf user show


Password policies:
=====================
History : 3
Expire after : 33 days
Minimum length : 8 characters
Deny attempts : 3
Release interval : 120 seconds
Detection window : 120 seconds

Command Result : 0 (Success)

Example setting password expiry to the default value

lunash:>sysconf user password expire

User password expiration set to 90 days successfully.

Command Result : 0 (Success)
lunash:>sysconf user show


Password policies:
=====================
History : 3
Expire after : 90 days
Minimum length : 8 characters
Deny attempts : 3
Release interval : 120 seconds
Detection window : 120 seconds

Command Result : 0 (Success)

Example of disabling password expiry

lunash:>sysconf user password expire -disable

User password expiration disabled.

Command Result : 0 (Success)
[docslab] lunash:>sysconf user show


Password policies:
=====================
History : 3
Expire after : disabled
Minimum length : 8 characters
Deny attempts : 3
Release interval : 120 seconds
Detection window : 120 seconds

Command Result : 0 (Success)



	SUPPORT	LEGAL
Luna Network HSM 7 Documentation © Copyright 2001-2025, Thales Group Last Updated: 2025-12-03 11:20:23 GMT-05:00	Customer Release Notes Customer Support Portal Support Contacts	End User License Agreement Third Party Software Licenses Document Information