Solved: Re: password expiry issue

Azaru · ‎03-04-2008

Dear gurus,

We have the hp_ux machines and installed Bastille security hardening tool. But for every month the password for the users getting expired.
We are maintaining the one password for all the time. To retain the same password we have to clear the entry in /tcb/files/auth// for every month.

So any one can give me the solution for the password expiry issue.

Thanks
azaru

Paul Sperry · ‎03-04-2008

sam
auditing and security
system security polices
password aging policies
pasword aging ..Disabled

that should do the trick

Azaru · ‎03-04-2008

Dear Paul,

As per the security reason, we have to keep the expiration process to continue,

but we have to keep the same password for all the time by running script.

Is there anything like that?

Patrick Wallek · ‎03-04-2008

>>As per the security reason, we have to keep
>>the expiration process to continue,

>>but we have to keep the same password for all
>> the time by running script.

You're 2 requirements are mutually exclusive. What is the point of expiring passwords if you are keeping the same password all the time? Stop and think about it a minute.

It just does not make sense. The first is good security practice. But the 2nd is just plain crazy.

Paul Sperry · ‎03-04-2008

#As per the security reason, we have to keep #the expiration process to continue,

#but we have to keep the same password for #all the time by running script.

expiring passwords but keeping the passwords the same.

Is the same as disabling password aging.

Azaru · ‎03-04-2008

But if we are going under any auditing, then this disabling work should be avoided rite?

Tim Nelson · ‎03-04-2008

Seems to me if you told the auditors that your passwords expire but you autmatically reset them to the same password they would fail you.

I guess a cheat is only a cheat until someone catches on..

Azaru · ‎03-04-2008

Thanks
azaru

Azaru · ‎07-30-2008

thanks