HPE Community
Operating System - HP-UX
1834915 Members
2574 Online
110071 Solutions
New Discussion

Re: Password format policy question

 
SOLVED
Go to solution
Stephen Hayter_1
Advisor

‎11-18-2002 05:16 AM

‎11-18-2002 05:16 AM

Password format policy question

Hi,

I want to assign a user a specific password on a trusted 11i server. Say this password is 'abcdef' and through SAM I try and modify the users password, it complains with:

"password must contain at least two alphabetic characters and at least one numeric or special character".

I thought that if I went into SAM and set "Enable restrictions rules = No" in the password format policies section, I could have this password, but it seems not. Any idea why this is and what does the "Enable restrictions rules" box affect?

Thanks

Stephe
0 Kudos
Reply
6 REPLIES 6
Jean-Louis Phelix
Honored Contributor

‎11-18-2002 05:29 AM

‎11-18-2002 05:29 AM

Re: Password format policy question

hi,

This box makes sam look for some additionnal controls like password must not be pronounceable and must not exist in a dictionnary, but it doen't change the rules to build a password.

Regards.

PS : did you try changing it using the command line (ie "passwd login") ?
It works for me (© Bill McNAMARA ...)
0 Kudos
Reply
Cheryl Griffin
Honored Contributor

‎11-18-2002 05:38 AM

‎11-18-2002 05:38 AM

Solution

Re: Password format policy question

Use Restriction Rules:
New passwords are run through spell to verify that they are not ordinary words that appear in common dictionaries. This reduces vulnerability to password cracking programs.

For a system to comply with trusted security standards, there is no way around the requirement of containing at least two alphabetic characters and at least one numeric or special character.

See man passwd
"Downtime is a Crime."
Reply
Stephen Hayter_1
Advisor

‎11-18-2002 05:40 AM

‎11-18-2002 05:40 AM

Re: Password format policy question

Hi Jean-Louis,

Yes I tried from the command linec using 'passwd' which did the same thing.

Thanks for the other info too.

Regards.
0 Kudos
Reply
Christopher McCray_1
Honored Contributor

‎11-18-2002 05:45 AM

‎11-18-2002 05:45 AM

Re: Password format policy question

Hello,

The "at least one number or special character" is the default minimum for a trusted system. So, just make the passwd abcde1.

Hope this helps

Chris
It wasn't me!!!!
0 Kudos
Reply
Stephen Hayter_1
Advisor

‎11-18-2002 05:50 AM

‎11-18-2002 05:50 AM

Re: Password format policy question

One other thing I did notice about this, was that if I reset the user's password from SAM, the new password it generates was all alphabetic!

Thanks for all replies.
0 Kudos
Reply
Christopher McCray_1
Honored Contributor

‎11-18-2002 05:57 AM

‎11-18-2002 05:57 AM

Re: Password format policy question

Hello, again,

Yes, you are correct. If you ask sam to reset the user's passwd, it does create an all-alphabetic string, BUT, this passwd must be changed at first login afterward. You you use the "modify user's password" option, sam is assuming that you are changing it as permanent, until the expiration time, therefore the restriction rules apply.

Hope this clarifies

Chris
It wasn't me!!!!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.