System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

How to force user ROOT to use STRONG password?

 
Regular Advisor

How to force user ROOT to use STRONG password?

Hi everybody,

I'm trying to implement SMSE security features on 11.31 box and I want to force root account to use STRONG password. All PASSWORD like features in user database or /etc/default/security file seem to be useful just for non-root users (man security). What about root like users???

Any help will be appreciated.

n.
6 REPLIES 6
Honored Contributor

Re: How to force user ROOT to use STRONG password?

Hi,

Ya to enable strong password /etc/default/security file is enough

# Optional restrictions for new passwords
# PASSWORD_MIN_UPPER_CASE_CHARS=0
# PASSWORD_MIN_LOWER_CASE_CHARS=0
# PASSWORD_MIN_DIGIT_CHARS=1
# PASSWORD_MIN_SPECIAL_CHARS=2


Thanks & Regards

Aashique
Acclaimed Contributor

Re: How to force user ROOT to use STRONG password?

At the moment I don't know about SMSE, but I would suggest "briefing", "work instruction" or "salary cut" for your root users.

root can do everything, even bad things ...

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Regular Advisor

Re: How to force user ROOT to use STRONG password?

Hi,

SMSE stands for Standard Mode Security Extensions...
As I mentioned, all PASSWORD like attributes (/etc/default/security) applies just to non-root users!

Any idea,
n.
Trusted Contributor

Re: How to force user ROOT to use STRONG password?

hello,

The /etc/default/security file doesn't pertain to root users. Can't you just make the password strong for root? SAM you just set the expiration and a couple of other things. I'm not sure about SMSE. I'm not sure of a file equivalent to /etc/default/security for root.

sp,
Regular Advisor

Re: How to force user ROOT to use STRONG password?

Hi everybody,

any idea???

Thank you,
n.
Acclaimed Contributor

Re: How to force user ROOT to use STRONG password?

>any idea???

You are probably out of luck.
The only way to solve it is with software that can detect this after the fact. I suppose this may be impossible since the password is encrypted?

Or with people management tools like carrots and sticks.