System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

How to force user ROOT to use STRONG password?

 
aaaA_4
Regular Advisor

How to force user ROOT to use STRONG password?

Hi everybody,

I'm trying to implement SMSE security features on 11.31 box and I want to force root account to use STRONG password. All PASSWORD like features in user database or /etc/default/security file seem to be useful just for non-root users (man security). What about root like users???

Any help will be appreciated.

n.
6 REPLIES 6
Aashique
Honored Contributor

Re: How to force user ROOT to use STRONG password?

Hi,

Ya to enable strong password /etc/default/security file is enough

# Optional restrictions for new passwords
# PASSWORD_MIN_UPPER_CASE_CHARS=0
# PASSWORD_MIN_LOWER_CASE_CHARS=0
# PASSWORD_MIN_DIGIT_CHARS=1
# PASSWORD_MIN_SPECIAL_CHARS=2


Thanks & Regards

Aashique
Torsten.
Acclaimed Contributor

Re: How to force user ROOT to use STRONG password?

At the moment I don't know about SMSE, but I would suggest "briefing", "work instruction" or "salary cut" for your root users.

root can do everything, even bad things ...

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
aaaA_4
Regular Advisor

Re: How to force user ROOT to use STRONG password?

Hi,

SMSE stands for Standard Mode Security Extensions...
As I mentioned, all PASSWORD like attributes (/etc/default/security) applies just to non-root users!

Any idea,
n.
Sp4admin
Trusted Contributor

Re: How to force user ROOT to use STRONG password?

hello,

The /etc/default/security file doesn't pertain to root users. Can't you just make the password strong for root? SAM you just set the expiration and a couple of other things. I'm not sure about SMSE. I'm not sure of a file equivalent to /etc/default/security for root.

sp,
aaaA_4
Regular Advisor

Re: How to force user ROOT to use STRONG password?

Hi everybody,

any idea???

Thank you,
n.
Dennis Handly
Acclaimed Contributor

Re: How to force user ROOT to use STRONG password?

>any idea???

You are probably out of luck.
The only way to solve it is with software that can detect this after the fact. I suppose this may be impossible since the password is encrypted?

Or with people management tools like carrots and sticks.