- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Re: increasing complexity of login passwords
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-01-2009 01:15 AM
тАО07-01-2009 01:15 AM
We want to require more complex passwords than what we have currently setup, but don't want to use genpwd -- i.e. something that would forbid "easy to guess passwords" such as "112233" or "asdf12" (which appear to be O.K. as far as the pwddic is concerned).
Any pointers/links will be appreciated.
Thanks
Solved! Go to Solution.
- Tags:
- Password
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-01-2009 01:40 AM
тАО07-01-2009 01:40 AM
Solutionyou can set up your own password policy checker.
See the excellent write up and links from Steve Hoffman at
http://labs.hoffmanlabs.com/node/643
Duncan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-01-2009 02:02 AM
тАО07-01-2009 02:02 AM
Re: increasing complexity of login passwords
Or simpler you can add your easy to guess passwords to the password dictionary.
And I question why "asdf12" is easier to guess than any other 6 character password. As a first action I would require at least 8 character passwords.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-01-2009 08:02 PM
тАО07-01-2009 08:02 PM
Re: increasing complexity of login passwords
You are correct that increasing password length would help, but at the moment I can only "tweak" existing policy.
I will try the macro32 password policy.
As a stop-gap, are there maybe any "improved" password dictionary additions that are available to download?
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2009 12:30 AM
тАО07-02-2009 12:30 AM
Re: increasing complexity of login passwords
Also password security checker programs like JohnTheRipper contain dictionary files, especially those frequently used by cracker programs.
( http://www.openwall.com/john/ )
To add dictionaries to the VMS dictionay file, see the following files at
http://wwwvms.mppmu.mpg.de/vms$common/sysmgr/
ADD_PASSWORD_DICTIONARY.COM
convert_list_to_password_dictionary.com
merge_password_dictionary.com
The convert_list... procedure converts a text-file with one password per line into a VMS formatted (ISAM) file, which then can be merged into a VMS dictionary file.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2009 05:33 AM
тАО07-02-2009 05:33 AM
Re: increasing complexity of login passwords
http://labs.hoffmanlabs.com/taxonomy/term/112
Articles include John The Ripper and other brute-force attacks, dictionary updates, generated passwords, no-password logins, certificates, Kerberos and single-signon, the aforementioned password filter, etc.