cancel
Showing results for 
Search instead for 
Did you mean: 

PASSWORD COMPLEXITY

Alejandro Schmidt
Occasional Advisor

PASSWORD COMPLEXITY

Hello,

I just changed my system to a enhanced secure system. I am running Tru64 v5.1B.
I have the five databases it creates.
Where & How can I add the password complexity:
Min 6 charaters length
At least 1 alphanumeric character
At least 1 numeric character
At least 1 special character(#,@,etc..)
Expiration 1 year.
Per user. I don't want this rule applies to all the users.

I was looking at the:
tcb/files/auth.db and
var/tcb/files/auth.db.
Should I modify theses files?
They have funny characters - One of them looks like this:
^^Nb1^E^F ^B^^H^P^E^B^A^A^F^\^A^^^^P^^^^A^E^^\^P^^_At<^A^H^^^\^P^A^At<^A^Atest:u_name=tes
t:u_id#123 ^A^Atest:u_name=test:u
id#1234:u_pwd=rfNLAM8Ait3UAQ4sYpjSbIro:u_succhg#1237922351:u_unsucchg#1
237922299:u_pwdict=7Ryv56oCc8dDQLhrAGBj5Tl.:u_oldcry
pt#0:u_suclog#1237983362:u_unsuclog#12379
83154:u_lock@:chkent:
^E^Ates^Ahab10:u_name=hab10:u_id#1592:u_u_pwd=G9a/GaIZhSmf2:u_succhg#0
:u_unsucchg#1237981156:u_oldcpt#2:u_unsuctty=pts/5:
u_unsuclog#1237981156:u_numunsuclog#2:u_lock@:u_flogins#2:chkent:
^F^Ahab10^]^A^Ahab20:u_name=hab20:u_id#2269:u_pwd=Y40IXcQj9J2NcwzDCaIsSQ9k:u_succ
hg#1237923790:u_unsucchg#1237919500:u_pwdi
ct=PL9Y91paa75pwY/KDR8AtVoM,0D5AO8QEfF/66:u_oldcrypt#0:u_suclog#1237981
149:u_suctty=INET#psoap4:u_unsuclog#1237925028:u_lock@:chkent:
^F^Ahab20

Any ideas??
Thank you
2 REPLIES
Ivan Ferreira
Honored Contributor

Re: PASSWORD COMPLEXITY

The edauth command (or the dxaccounts GUI) can be used to modify some of the values. Also, the file with the security values is /etc/auth/system/default.

For password complexity, please see:

http://74.125.47.132/search?q=cache:GYq8Ebvg5U8J:aa11.cjb.net/tru64_unix_managers/2000/11/0073.html+site_policy.c&cd=3&hl=es&ct=clnk&gl=py

http://forums13.itrc.hp.com/service/forums/questionanswer.do?admit=109447627+1238016834711+28353475&threadId=905632

http://unix.derkeiler.com/Mailing-Lists/Tru64-UNIX-Managers/2005-04/0029.html

Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Alejandro Schmidt
Occasional Advisor

Re: PASSWORD COMPLEXITY

What about the prpasswd? Are you familiar with this command? hos do u use it?

Thank you