Simpler Navigation for Servers and Operating Systems
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
Operating System - OpenVMS
cancel
Showing results for 
Search instead for 
Did you mean: 

increasing complexity of login passwords

SOLVED
Go to solution
sandyt
Frequent Advisor

increasing complexity of login passwords

Using openvms 7.3-2 on an alpha server.

We want to require more complex passwords than what we have currently setup, but don't want to use genpwd -- i.e. something that would forbid "easy to guess passwords" such as "112233" or "asdf12" (which appear to be O.K. as far as the pwddic is concerned).

Any pointers/links will be appreciated.

Thanks
5 REPLIES
Duncan Morris
Honored Contributor
Solution

Re: increasing complexity of login passwords

Sandyt,

you can set up your own password policy checker.

See the excellent write up and links from Steve Hoffman at

http://labs.hoffmanlabs.com/node/643

Duncan
Joseph Huber_1
Honored Contributor

Re: increasing complexity of login passwords

As Duncan wrote, You can add your own password policy module.
Or simpler you can add your easy to guess passwords to the password dictionary.
And I question why "asdf12" is easier to guess than any other 6 character password. As a first action I would require at least 8 character passwords.
http://www.mpp.mpg.de/~huber
sandyt
Frequent Advisor

Re: increasing complexity of login passwords

Thanks for the quick response.

You are correct that increasing password length would help, but at the moment I can only "tweak" existing policy.

I will try the macro32 password policy.

As a stop-gap, are there maybe any "improved" password dictionary additions that are available to download?

Thanks
Joseph Huber_1
Honored Contributor

Re: increasing complexity of login passwords

Maybe a search for "password dictionary file" will find some.
Also password security checker programs like JohnTheRipper contain dictionary files, especially those frequently used by cracker programs.
( http://www.openwall.com/john/ )

To add dictionaries to the VMS dictionay file, see the following files at
http://wwwvms.mppmu.mpg.de/vms$common/sysmgr/

ADD_PASSWORD_DICTIONARY.COM
convert_list_to_password_dictionary.com
merge_password_dictionary.com

The convert_list... procedure converts a text-file with one password per line into a VMS formatted (ISAM) file, which then can be merged into a VMS dictionary file.
http://www.mpp.mpg.de/~huber
Highlighted
Hoff
Honored Contributor

Re: increasing complexity of login passwords

Follow the Passwords taxonomy around the site for more than you probably care on this topic:

http://labs.hoffmanlabs.com/taxonomy/term/112

Articles include John The Ripper and other brute-force attacks, dictionary updates, generated passwords, no-password logins, certificates, Kerberos and single-signon, the aforementioned password filter, etc.