topic Re: another password setting query in Operating System - HP-UX

another password setting query

Gord Moore — Tue, 25 May 2004 17:20:02 GMT

I have looked over the man pages and the document KBRC00011604 and can't find a definitive answer to this. Can I force the first and last characters of a password to be alphabetic, or at least non-numeric? I think the answer is no, but maybe someone knows for sure.

It not, is there a password program that has extra security (like the above) for HP-UX 11.11?

Thanks.

Re: another password setting query

Sridhar Bhaskarla — Tue, 25 May 2004 17:28:07 GMT

Hi,

The answer is no. And in my opinion, it weakens the security of the password as two fields are fixed.

There is npasswd that you may want to look at. You may need to compile it if the one for 11.0 doesn't work. And I am not sure if it works for trusted system either as it has to manipulate the tcb database.

http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/npasswd-1.2.4/

-Sri

Re: another password setting query

Michael Tully — Tue, 25 May 2004 17:33:09 GMT

I agree with Sridhar on this one. Hard coding any fixed part would weaken the password security and would be easier for password hacking tools to guess passwords.

Re: another password setting query

Mel Burslan — Tue, 25 May 2004 18:05:23 GMT

together with not knowing to what extent the capabilities are, there is an additional tool called password plus, (pwplus) which will impose extra restrictions on the password, most important of which is to prevent users from using letter to numeric resemblance shifted passwords, i.e., prevent them from using "s!ngl3" for the word "single" as well as first character needs to be alphabetic, etc... these were imposed on my passwd selection. I think there are more to it that I could see as I was not the pwplus manager. Also, as a fringe benefit, it has a very nice passwd cracker which runs in schedules to check if anybody forced a crackable password according to the enforced rules.

HTH