https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440106#M207145 Either way will accomplish what you want. Converting to a trusted system will add a lot more than just your relatively simple requirements, that's why the /etc/default/security file was developed: it's a way to implement a few of the features of trusted systems without going through all the bother of converting to trusted.<BR /><BR /><BR />Pete Thu, 09 Dec 2004 12:51:05 GMT Pete Randall 2004-12-09T12:51:05Z https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440100#M207139 We are running 11.0 HP-UX. Currently this is non trusted system. I want to enforce the following password policy:<BR /><BR />Min 7 Char<BR />atleat one numeric and one special char.<BR /><BR />Can someone give me some tips and best way of doing this?<BR /><BR />Thanks in Advance Thu, 09 Dec 2004 10:50:51 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440100#M207139 sheevm 2004-12-09T10:50:51Z https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440101#M207140 man 4 security<BR /><BR />You can prepare the /etc/default/security file to enforce the requirements. If you do have man page for it, you need to install a patch that introduced this file.<BR /><BR />Anil Thu, 09 Dec 2004 10:58:52 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440101#M207140 RAC_1 2004-12-09T10:58:52Z https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440102#M207141 With the latest patches, your 11.0 system can specify this in the /etc/default/security file with the paramaters MIN_PASSWORD_LENGTH and PASSWORD_MIN_<TYPE>_CHARS. See man security.<BR /><BR /><BR />Pete</TYPE> Thu, 09 Dec 2004 10:59:19 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440102#M207141 Pete Randall 2004-12-09T10:59:19Z https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440103#M207142 Hi,<BR /><BR />you can do this by forcing the restriction using the file /etc/default/security <BR /><BR />Try this link from itrc,<BR /><BR /><A href="http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&amp;docId=200000076534451" target="_blank">http://www2.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&amp;docId=200000076534451</A><BR /><BR />The itrc doc id is KBRC00011604.<BR /><BR />Hope this helps.<BR /><BR />regds<BR /> Thu, 09 Dec 2004 11:00:22 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440103#M207142 Sanjay_6 2004-12-09T11:00:22Z https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440104#M207143 The patches, if you don't have them, are:<BR /><BR /><A href="http://www2.itrc.hp.com/service/patch/patchDetail.do?BC=patch.breadcrumb.main" target="_blank">http://www2.itrc.hp.com/service/patch/patchDetail.do?BC=patch.breadcrumb.main</A>|patch.breadcrumb.pdb|patch.breadcrumb.search|&amp;patchid=PHCO_27721&amp;context=hpux:800:11:00<BR /><A href="http://www2.itrc.hp.com/service/patch/patchDetail.do?BC=patch.breadcrumb.main" target="_blank">http://www2.itrc.hp.com/service/patch/patchDetail.do?BC=patch.breadcrumb.main</A>|patch.breadcrumb.pdb|patch.breadcrumb.search|&amp;patchid=PHCO_29249&amp;context=hpux:800:11:00<BR /><BR /><BR />Pete Thu, 09 Dec 2004 11:04:37 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440104#M207143 Pete Randall 2004-12-09T11:04:37Z https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440105#M207144 Thanks to all of you for the response.<BR /><BR />Pete,<BR /><BR />Can I enforce the password policy by just converting it to trusted system? or it can only be done via security file? Thu, 09 Dec 2004 11:36:52 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440105#M207144 sheevm 2004-12-09T11:36:52Z https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440106#M207145 Either way will accomplish what you want. Converting to a trusted system will add a lot more than just your relatively simple requirements, that's why the /etc/default/security file was developed: it's a way to implement a few of the features of trusted systems without going through all the bother of converting to trusted.<BR /><BR /><BR />Pete Thu, 09 Dec 2004 12:51:05 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/3440106#M207145 Pete Randall 2004-12-09T12:51:05Z