HPE Community
Operating System - HP-UX
1753479 Members
4748 Online
108794 Solutions
New Discussion юеВ

Re: bad user passwords

 
Don Bentz
Regular Advisor

тАО06-19-2001 12:23 PM

тАО06-19-2001 12:23 PM

bad user passwords

Is there a way I can determine if a user is logging in with a particular (i.e., default) password? Would I have to use a program like "crack" to determine this?
Insecurity is our friend. It keeps you dependent.
0 Kudos
Reply
3 REPLIES 3
A. Clay Stephenson
Acclaimed Contributor

тАО06-19-2001 12:30 PM

тАО06-19-2001 12:30 PM

Re: bad user passwords

Hi Don,

No there is no way to determine what plaintext
password is using. Crack MAY be able to guess.
The only way to do this would be to code a replacement for login.

Regards, Clay
If it ain't broke, I can fix that.
0 Kudos
Reply
Patrick Wallek
Honored Contributor

тАО06-19-2001 12:48 PM

тАО06-19-2001 12:48 PM

Re: bad user passwords

The only way you could determine if a passwd has changed is to keep a copy of the passwd file and do a diff against it. That way you will know when the passwords change. If you know when a user is created, make a copy and then check periodically to see if / when the user changes the password.
0 Kudos
Reply
Wieslaw Krajewski
Honored Contributor

тАО06-19-2001 02:24 PM

тАО06-19-2001 02:24 PM

Re: bad user passwords

Hi,

To be sure that an user will change the default password is to force him to change the password during the next login. To this purpose it is necessary to add in the second field of the respective line in the /etc/passwd file ",.." after encrypted password.

Rgds.
Permanent training makes master
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.