HPE Community
Operating System - HP-UX
1834137 Members
2486 Online
110064 Solutions
New Discussion

Changing password requirments

 
SOLVED
Go to solution
Tom Gore
Regular Advisor

‎04-07-2003 05:49 AM

‎04-07-2003 05:49 AM

Changing password requirments

Is there a way to change the minimum password requirements? Our auditors require that the minimum length of a password be seven.

Thanks.
0 Kudos
Reply
5 REPLIES 5
Jerome Baron
Respected Contributor

‎04-07-2003 05:54 AM

‎04-07-2003 05:54 AM

Solution

Re: Changing password requirments

Hi,

With patch [PHCO_20334/PACHRDME/English] there was a additional parameter introduced:

MIN_PASSWORD_LENGTH

This parameter can be changed in the /etc/default/security file.

MIN_PASSWORD_LENGTH=8 means that users have to use a password with at least 8
characters. This file can be created on all 11.00 systems not only on trusted
systems. Within 11i the specific part of the manpage looks like this:

On an untrusted system, passwords of non-root users must have at
least six characters. On a trusted system, passwords of all
users must have at least six characters. This restriction on the
password length can be increased to a value larger than six.
Refer to the security(4) manual page for detailed information on
configurable parameters that affect the behavior of this command.
The parameter to select the minimum password length is

MIN_PASSWORD_LENGTH=N

This parameter controls the minimum length of new passwords.
It is not applicable to the root user on a untrusted system.

For untrusted systems N can be any value from 6 to 8.
For trusted systems N can be any value from 6 to 80.

Default value: MIN_PASSWORD_LENGTH=6


Regards,
Jerome
Reply
Tom Gore
Regular Advisor

‎04-08-2003 04:56 AM

‎04-08-2003 04:56 AM

Re: Changing password requirments

Jerome--

Currently we do not have the patch you mentioned. We are looking into applying it. Also, I cannot find the /etc/default/security file. Is this because the patch has not been applied? Can I simply create the file with just the MIN_PASSWORD_LENGTH=N in the file?

Thanks
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎04-08-2003 05:04 AM

‎04-08-2003 05:04 AM

Re: Changing password requirments

Tom,

Yes, you just create the file. See this thread:

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0xb0475c7609e9d61190050090279cd0f9,00.html


Pete

Pete
Reply
Darren Prior
Honored Contributor

‎04-08-2003 05:05 AM

‎04-08-2003 05:05 AM

Re: Changing password requirments

Hi Tom,

The security file is created manually - so all you'll need to do is create it with the required line after you've installed the patch.

regards,

Darren.
Calm down. It's only ones and zeros...
Reply
Ivajlo Yanakiev
Respected Contributor

‎04-08-2003 06:27 AM

‎04-08-2003 06:27 AM

Re: Changing password requirments

Use sam and conver to trustet mod. Use sam and set want you want :)
It's easy :)


0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.