HPE Community
Operating System - HP-UX
1826177 Members
2248 Online
109691 Solutions
New Discussion

Dictionary update

 
Daniel Ocampo
New Member

‎08-20-2001 11:33 PM

‎08-20-2001 11:33 PM

Dictionary update

Hello Everyone,

Just reading the HP-UX manual (HP-UX 11.00 Instant Information
CD-ROM), there is a chapter in the manual for System access "Password
selection and Generation"

"[?Choose a password that is not listed in the dictionary (spelled
either forwards or backwards). Password-cracking programs can use
dictionary lists.]"

"[?User-generated passwords: You select your own password but
passwords
are run through a screening program that checks the password against
the dictionary, a list of login names, login name permutations,
repeated characters, and palindromes.]"

I want to know:
1) How to update the dictionary?
2) There are more dictionaries (Spanish, French, Dutch, company names,
etc)? If so, how can be obtained?
3) Where the dictionary is located, it's a file, it's a HP-UX library?
4) How the screening program process can be improved? !!adding new
dictionaries!!

The idea is, if you have screening program that checks the password
against the dictionary, the program should check against different
dictionaries.
Daniel O.
0 Kudos
Reply
2 REPLIES 2
Paula J Frazer-Campbell
Honored Contributor

‎08-20-2001 11:56 PM

‎08-20-2001 11:56 PM

Re: Dictionary update

Hi Daniel

The dictionary that this is referring to is a list of common words that hackers use as a reference when trying to hack a password ? so when the manual said use a word not found in the dictionary it means ?words in common use?, ie table, tester, enter.

So there is not dictionary file associated with the password on HP-UX systems.

What some sysadmins do and it is a good idea is to get programmes that hackers use and attack your own system to discover weaknesses.

You will be surprised at some of the passwords that your users think are secure.?

Password rules:-

1. Never write down your password.
2. Do not use common names ? eg peter1
3. Do not use your car reg.
4. Good passwords use a mix of numbers and letters.
5. Do not start your password with a number.
6. Never give your password to anyone.

Some examples of passwords:-

Bad :- freddy1, e172ago, travel1, office8

Good :- b76hej9, s1tt3rz, w4rgyyt6

Be creative with your new password but remember it.

HTH

Paula
If you can spell SysAdmin then you is one - anon
0 Kudos
Reply
Daniel Ocampo
New Member

‎08-24-2001 06:14 AM

‎08-24-2001 06:14 AM

Re: Dictionary update

Hello Paula,

Many thanks for you quick response. I am already aware of your comments. My idea (question) is focused on the screening program that checks against a dictionary.

Suppose that you have many of servers al over the world. It will be useful, if the screening program that checks user-generated password can add local dictionaries (for different countries and different languages).

At the present moment (I suppose), it checks against the same dictionary. If you have a look of the sentence: "[?User-generated passwords: You select your own password but passwords are run through a screening program that checks the password against the dictionary, a list of login names, login name permutations, repeated characters, and palindromes.]" means that when the users creates the password, the screening program checks a local (HP-UX) dictionary.

Again, how can the dictionary be updated?

Best regards,

Daniel
Daniel O.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.