HPE Community
Operating System - HP-UX
1830235 Members
2464 Online
109999 Solutions
New Discussion

Re: another password setting query

 
SOLVED
Go to solution
Gord Moore
Frequent Advisor

‎05-25-2004 10:20 AM

‎05-25-2004 10:20 AM

another password setting query

I have looked over the man pages and the document KBRC00011604 and can't find a definitive answer to this. Can I force the first and last characters of a password to be alphabetic, or at least non-numeric? I think the answer is no, but maybe someone knows for sure.

It not, is there a password program that has extra security (like the above) for HP-UX 11.11?

Thanks.
0 Kudos
Reply
3 REPLIES 3
Sridhar Bhaskarla
Honored Contributor

‎05-25-2004 10:28 AM

‎05-25-2004 10:28 AM

Solution

Re: another password setting query

Hi,

The answer is no. And in my opinion, it weakens the security of the password as two fields are fixed.

There is npasswd that you may want to look at. You may need to compile it if the one for 11.0 doesn't work. And I am not sure if it works for trusted system either as it has to manipulate the tcb database.

http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/npasswd-1.2.4/

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Reply
Michael Tully
Honored Contributor

‎05-25-2004 10:33 AM

‎05-25-2004 10:33 AM

Re: another password setting query

I agree with Sridhar on this one. Hard coding any fixed part would weaken the password security and would be easier for password hacking tools to guess passwords.
Anyone for a Mutiny ?
Reply
Mel Burslan
Honored Contributor

‎05-25-2004 11:05 AM

‎05-25-2004 11:05 AM

Re: another password setting query

together with not knowing to what extent the capabilities are, there is an additional tool called password plus, (pwplus) which will impose extra restrictions on the password, most important of which is to prevent users from using letter to numeric resemblance shifted passwords, i.e., prevent them from using "s!ngl3" for the word "single" as well as first character needs to be alphabetic, etc... these were imposed on my passwd selection. I think there are more to it that I could see as I was not the pwplus manager. Also, as a fringe benefit, it has a very nice passwd cracker which runs in schedules to check if anybody forced a crackable password according to the enforced rules.

HTH
________________________________
UNIX because I majored in cryptology...
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.