No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Troubleshooting Guide

CloudEngine 16800, 12800, 12800E, 8800, 7800, 6800, and 5800 Series Switches

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
What Should I Do If the Account Is Locked After Multiple Login Failures?

What Should I Do If the Account Is Locked After Multiple Login Failures?

If a user enters incorrect passwords for six consecutive times within 5 minutes when logging in to the server using Telnet or STelnet, the IP address of the client or the user name will be locked for 5 minutes by default. (You can run the local-user authentication lock duration duration-time command in the AAA view to set the automatic unlock time. The value ranges from 0 to 1000, in minutes. The default automatic unlock time is 5 minutes.)
Table 22-51 Mapping between authentication modes and IP address or user name locking

Login Mode

Authentication Mode Causing IP Address Locking

Authentication Mode Causing User Name Locking


Password and none




Password, password-DSA, password-ECC, and password-RSA

  • After the IP address of a client is locked, wait for 5 minutes until the system automatically unlocks the IP address, and attempt to log in to the switch. Alternatively, use another account to log in to the switch and perform the following operation to unlock the IP address in advance.
    • # Unlock the IP address if Telnet is used for a login.
      <HUAWEI> activate vty ip-block ip-address
    • # Unlock the IP address if STelnet is used for a login.
      <HUAWEI> activate ssh server ip-block ip-address
  • If the current user name is locked, use another user name to log in to the switch, and run the activate aaa local-user user-name command in the user view to unlock the user name.

    # Unlock the user name admin1234.
    <HUAWEI> activate aaa local-user admin1234
Updated: 2020-01-07

Document ID: EDOC1000060766

Views: 606135

Downloads: 2941

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Previous Next