cancel
Showing results for 
Search instead for 
Did you mean: 

password policy in tru64

gabbi007in
Occasional Contributor

password policy in tru64

Can We implement the following password policies in tru64 ?

Contain at least one alphabetic and one non-alphabetic -Yes
Non-numeric in first and last position - Yes
Maximum consecutive identical charater from any position in the previous password -3
Maximum identical consecutive -2
Contain the user id as part of the password –No
Number of password changes for which the password cannot be reused - 5
4 REPLIES
Ann Majeske
Honored Contributor

Re: password policy in tru64

Yes. You need to enable Enhanced Security and then you can write your own password policy checking routine. See the Security Administration manual and
http://users.rcn.com/spiderb/sec/site-pwpolicy.c.txt
Martin Moore
HPE Pro

Re: password policy in tru64

I'm not sure you can do this one:

> Maximum consecutive identical charater from any position in the previous password -3

The cleartext versions of the previous passwords are not saved anywhere on the system. The password history in Enhanced Security stores only the encrypted versions of the last N passwords. Without the previous cleartext to compare against, I don't see how you could do this. Ann, do you have any thoughts?

The rest of the items can be done with the Enhanced Security configuration parameters and by implementing a site-specific password policy. The pointer Ann provided is a good starting point, or you can contact HP support for additional info.

Martin Moore
I work for HP
A quick resolution to technical issues for your HP Enterprise products is just a click away HP Support Center Knowledge-base
See Self Help Post for more details

Ivan Ferreira
Honored Contributor

Re: password policy in tru64

If password policies are too complex, you have problems like:

- Users does not remember the password
- Users calls often because the password is not accepted
- Users write their passwords (sometimes in a visible place)
- User accounts gets locked frecuently

I think that you should try using SSH with public key authentication.


But, if you want to enable that, you need to compile your own site-policy file.
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
Ann Majeske
Honored Contributor

Re: password policy in tru64

It would be much easier to simply require the users to use a password generated from random characters. See the "prpasswd" man page entry for "u_genchars". It looks like this would satisfy your requirements.

Ann