HPE Community
Operating System - HP-UX
1836872 Members
2172 Online
110110 Solutions
New Discussion

min passwd length and password history length in a trusted system

 
SOLVED
Go to solution
skt_skt
Honored Contributor

‎05-06-2009 05:23 AM

‎05-06-2009 05:23 AM

min passwd length and password history length in a trusted system

HP-UX 11.11

which file decides the passord history length in a trsuted system ( /tcb/files/auth/system/default or /etc/default/security?)

I dont see a history property defined in /tcb/files/auth/system/default.

Also what is the min passwd length in a trusted system.I dont see that configured in /tcb/files/auth/system/default

[/root] cat /etc/default/security
PASSWORD_HISTORY_DEPTH=6

[/root] cat /tcb/files/auth/system/default
default:\
:d_name=default:\
:d_boot_authenticate@:\
:u_pwd=*:\
:u_owner=root:u_auditflag#-1:\
:u_minchg#604800:u_maxlen#12:u_exp#5184000:u_life#7776000:\
:u_llogin#7776000:u_pw_expire_warning#1728000:u_pswduser=root:u_pickpw:\
:u_genpwd:u_restrict:u_nullpw@:u_genchars@:\
:u_genletters:u_suclog#0:u_unsuclog#0:u_maxtries#5:\
:u_lock:\
:t_logdelay#2:t_maxtries#5:t_login_timeout#30:\
:chkent:


Let me know if you already knew answers to that.
0 Kudos
Reply
3 REPLIES 3
Pete Randall
Outstanding Contributor

‎05-06-2009 05:32 AM

‎05-06-2009 05:32 AM

Re: min passwd length and password history length in a trusted system

According to the man page for security:

"The password history depth configuration is on a system basis and is supported in trusted system for users in files repository only."

That's awkwardly worded but I think it tells me that /etc/default/security controls this setting.


Pete

Pete
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎05-06-2009 05:36 AM

‎05-06-2009 05:36 AM

Solution

Re: min passwd length and password history length in a trusted system

Sorry, forgot the second part of your question. Once again the man page seems to indicate, at least to me, that /etc/default/security would control the min password length:

"New passwords must contain at least N characters. For untrusted systems, N can be any value from 6 to 8. For trusted systems, N can be any value from 6 to 80."


Pete

Pete
Reply
Court Campbell
Honored Contributor

‎05-06-2009 05:36 AM

‎05-06-2009 05:36 AM

Re: min passwd length and password history length in a trusted system

For minimum password length use MIN_PASSWORD_LENGTH in /etc/default/security. By default it is 6. "man security" should answer a lot of your questions.
"The difference between me and you? I will read the man page." and "Respect the hat." and "You could just do a search on ITRC, you don't need to start a thread on a topic that's been answered 100 times already." Oh, and "What. no points???"
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.