topic Re: system dictionary in Operating System - HP-UX

system dictionary

Anish Xavier — Fri, 16 Mar 2007 17:47:34 GMT

Hi all

I wants to setup a Control to help ensure the system dictionary preventing setting a password to common words.

Is there any option is available for this.

Regards,
Anish

Re: system dictionary

A. Clay Stephenson — Fri, 16 Mar 2007 18:42:20 GMT

Once again the answer is to convert to a trusted system. You are going to have major problems passing a security audit as long as the password hashes are in a file readable by everyone --- which is true for the stand UNIX security. This leaves your system open to a guessing attack.

In the past when I had to do this sort of thing with standard passwd's and/or NIS, I wrote custom passwd (or yppaswd) and login commands to do the sort of checks you are looking for.

Re: system dictionary

Rasheed Tamton — Sun, 08 Apr 2007 06:26:56 GMT

Hi Anish,

man 4 secuirty
will give you the info to harden a box as much as possible on a non-trusted system. Just look the options.

PASSWORD_MIN__CHARS
will give you the option to mix it with digits, special characters, etc
(Non dictionary word).

Regards,
Rasheed Tamton.