https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/4009835#M298664 Hi:<BR /><BR />See the manpages for 'usrmod(1M)' and 'security(4)'. Pay attention to the caveats in the 'security' file discussion --- in particular, the MIN_PASSWORD_LENGTH is limited on untrusted systems.<BR /><BR />Note also, that trusted mode is deprecated beginning with 11.31. The 'shadow(4)' password file is the preferred path.<BR /><BR />By the way, 11.22 is obsolete.<BR /><BR />Regards!<BR /><BR />...JRF... Wed, 30 May 2007 09:13:59 GMT James R. Ferguson 2007-05-30T09:13:59Z https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/4009833#M298662 Hello all u guru's of HP-UX...<BR /><BR /> I need to enable password restriction on HP machines <BR /><BR />1. Password ageing <BR />2. Password length<BR />3. Force password change<BR /> Can some one please let me know how can this be done on HP-UX 11.0,11.11,11.23,11.22...?<BR /><BR />Thanks in advance for all your help ...<BR /> Wed, 30 May 2007 08:45:54 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/4009833#M298662 whiteSox 2007-05-30T08:45:54Z https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/4009834#M298663 The first thing to do is switch to a trusted system. That will enable a lot of what you require.<BR /><BR />On top of that you can use features available in the /etc/default/security file. Do a 'man security' for more details. This file does not exist by default and must be created. Wed, 30 May 2007 08:57:15 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/4009834#M298663 Patrick Wallek 2007-05-30T08:57:15Z https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/4009835#M298664 Hi:<BR /><BR />See the manpages for 'usrmod(1M)' and 'security(4)'. Pay attention to the caveats in the 'security' file discussion --- in particular, the MIN_PASSWORD_LENGTH is limited on untrusted systems.<BR /><BR />Note also, that trusted mode is deprecated beginning with 11.31. The 'shadow(4)' password file is the preferred path.<BR /><BR />By the way, 11.22 is obsolete.<BR /><BR />Regards!<BR /><BR />...JRF... Wed, 30 May 2007 09:13:59 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/4009835#M298664 James R. Ferguson 2007-05-30T09:13:59Z https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/4009836#M298665 Hi,<BR /><BR />You can use the /etc/default/security file.<BR /><BR />example:<BR />PASSWORD_MIN_UPPER_CASE_CHARS=2<BR />PASSWORD_MIN_LOWER_CASE_CHARS=2<BR />PASSWORD_MIN_DIGIT_CHARS=2<BR />PASSWORD_MIN_SPECIAL_CHARS=2<BR />PASSWORD_HISTORY_DEPTH=10<BR />MIN_PASSWORD_LENGTH=9<BR /><BR />sp,<BR /> Wed, 30 May 2007 14:49:42 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/4009836#M298665 Sp4admin 2007-05-30T14:49:42Z https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/4009837#M298666 Also, you should consider standard-mode security extensions. It is available for download for 11.23, and bundled with 11.31.<BR /><BR />It gives most of the trusted-mode functionality to users without having to switch to trusted mode, which is being deprecated.<BR /><BR />I'd agree with the rest of the folks that trusted mode is your best bet for 11.00, 11.11, and 11.22. Thu, 31 May 2007 11:12:42 GMT https://community.hpe.com/t5/operating-system-hp-ux/password-policy/m-p/4009837#M298666 Robert Fritz 2007-05-31T11:12:42Z