HPE Community
Operating System - HP-UX
1833300 Members
2901 Online
110051 Solutions
New Discussion

choice of password

 
SOLVED
Go to solution
Sunil Sharma_1
Honored Contributor

‎01-14-2004 01:25 AM

‎01-14-2004 01:25 AM

choice of password

Hi,

I want to impliment some password ristriction on users like password should contain atlease one numerls and special charater.

How can i do that ?

Sunil
*** Dream as if you'll live forever. Live as if you'll die today ***
0 Kudos
Reply
13 REPLIES 13
Fabio Ettore
Honored Contributor

‎01-14-2004 01:29 AM

‎01-14-2004 01:29 AM

Re: choice of password

Hi,

I think that TRUSTED SYSTEMS could work for you. It permits you to set password policies.

Best regards,
Ettore
WISH? IMPROVEMENT!
0 Kudos
Reply
Sunil Sharma_1
Honored Contributor

‎01-14-2004 01:32 AM

‎01-14-2004 01:32 AM

Re: choice of password


where i can set these policies after converting system to the trusted mode.

any chance to acheive this without converting system to trusted mode.

Sunil
*** Dream as if you'll live forever. Live as if you'll die today ***
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎01-14-2004 01:34 AM

‎01-14-2004 01:34 AM

Re: choice of password

Sunil,

On recent versions (or well patched older versions), you can add some restrictions via the /etc/security file (see man security), but, to restrict to the level you're talking about, you'll probably need to follow Etore's suggestion and go with a trusted system.


Pete

Pete
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎01-14-2004 01:35 AM

‎01-14-2004 01:35 AM

Re: choice of password

sam
auditing and security
system security policies

It will be obvious from that point.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
David_246
Trusted Contributor

‎01-14-2004 01:39 AM

‎01-14-2004 01:39 AM

Re: choice of password

Hi sunil,

eTrust for Access Control. It is a CA product, but HP is the reseller, at least here in Holland.
It does a little more, maybe too much ?

http://www3.ca.com/Solutions/Product.asp?ID=154

Regs David
@yourservice
0 Kudos
Reply
Sunil Sharma_1
Honored Contributor

‎01-14-2004 01:39 AM

‎01-14-2004 01:39 AM

Re: choice of password

Hi,

Pete: I think you are talking about /etc/default/security file. I checked the functions but didn't get required thing.

SEP: is it possible using trusted mode ?

Regards
Sunil
*** Dream as if you'll live forever. Live as if you'll die today ***
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎01-14-2004 01:42 AM

‎01-14-2004 01:42 AM

Re: choice of password

Sunil,

Yes, sorry - it's the /etc/default/security file, as you surmised. I didn't think it would be restrictive enough to meet your needs but it seemed worth mentioning in case you didn't want to go "trusted".


Pete

Pete
0 Kudos
Reply
Fabio Ettore
Honored Contributor

‎01-14-2004 01:44 AM

‎01-14-2004 01:44 AM

Re: choice of password

SEP and Sunil,
when you follow that road it asks to convert to TRUSTED SYSTEM before proceeding.

Anyway it is possible to change some password options when a user already exists:

SAM --> Accounts for Users and Groups --> Users -->
WISH? IMPROVEMENT!
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎01-14-2004 01:48 AM

‎01-14-2004 01:48 AM

Solution

Re: choice of password

Sunil,

PHCO_27037:

A site's security policies sometimes require new passwords
to contain specific numbers or types of characters, such as
at least two digits and at least one special character.

Resolution:
In addition to the standard password requirements,
optional entries in the file /etc/default/security specify
the minimum number of required characters of each type
(upper case characters, lower case characters, digits
and special characters) in a new password.

PASSWORD_MIN_UPPER_CASE_CHARS=N
PASSWORD_MIN_LOWER_CASE_CHARS=N
PASSWORD_MIN_DIGIT_CHARS=N
PASSWORD_MIN_SPECIAL_CHARS=N

The default value for N is 0. These parameters have
effect only when a password is changed. On untrusted
systems, these parameters do not apply to the root user.
The file /etc/default/security should be owned by root and
have 0644 permissions.


There may be other patches required as well (PHCO_27694/PHCO_27781). These are 11.11 patches, by the way. PHCO_26089 and PHCO_27721 seem to be the 11.0 versions.


Pete


Pete
Reply
Sunil Sharma_1
Honored Contributor

‎01-14-2004 01:49 AM

‎01-14-2004 01:49 AM

Re: choice of password

Thanks to all,

I think i don't ahve any other option except converting system into a trusted mode. or leave this plan.

Regards
Sunil
*** Dream as if you'll live forever. Live as if you'll die today ***
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎01-14-2004 01:52 AM

‎01-14-2004 01:52 AM

Re: choice of password

Sunil,

Don't give up - see my last entry!!


Pete

Pete
0 Kudos
Reply
Sunil Sharma_1
Honored Contributor

‎01-14-2004 05:26 PM

‎01-14-2004 05:26 PM

Re: choice of password

Thanks Pete.

I am working on this.

Sunil
*** Dream as if you'll live forever. Live as if you'll die today ***
0 Kudos
Reply
Rodney Hills
Honored Contributor

‎01-15-2004 02:57 AM

‎01-15-2004 02:57 AM

Re: choice of password

Be sure to investigate all the ramifications of going to a trusted systems (and they say you can't undo it).

One of the issues is NIS won't function within a trusted environment.

Just a heads up...

-- Rod Hills
There be dragons...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.