topic Re: password aging in Operating System - HP-UX

password aging

Michael Murphy_2 — Mon, 18 Apr 2005 16:04:05 GMT

Hello - I SA a system that requires password resets every 60 days. I have remote clients that use telnet and ftp - they complain every 60 days (they need to reset passwords in their jobs). Anyone know of an way to have the OS run a job or email before resetting (or is their a command to see how many days left before reset?). Don't think sftp or scp will help since they react to resets as well (even though they mostly use keys). Some folks have recommended third-party products (connect:direct) - not sure if that would help. Thanks in advance...Mike

Re: password aging

Rick Garland — Mon, 18 Apr 2005 16:06:42 GMT

On login, the OS will tell you how long is left on the current passwd, assuming time is getting close.

Re: password aging

RAC_1 — Mon, 18 Apr 2005 16:08:31 GMT

You can put up a script to do so. If system in trusted mode, you can set exptm setting to warn user about expiry of password. If non trusted mode, passwd -w "warning_time_in_days"

man passwd
man getprpw, man modprpw for details.

Anil

Re: password aging

lawrenzo — Mon, 18 Apr 2005 20:31:30 GMT

as far as I know I dont think there is any tool that will mail when a user passowrd is about to expire?

you can set passowrd warning and aging in same so for example passowrd expire in 60dya but warn after 50 days.

a maeesage will be displayed when the user logs in.

HTH

Re: password aging

Isralyn Manalac_1 — Mon, 18 Apr 2005 22:25:19 GMT

Hi Michael,

If you have set the password expiration warning time, upon login, the user will be notified that his/her password is about to expire in X days.

Regards,

Isralyn

Re: password aging

wip — Tue, 19 Apr 2005 01:22:34 GMT

Password aging can be best implemented by making a system trusted.It not only provide enahnaced user security/restrictions also provide /tcb authentication