Operating System - HP-UX
1834252 Members
2203 Online
110066 Solutions
New Discussion

Re: password format policy

 
Trent Bukowsky
Advisor

password format policy

I would like to know if it is possible to change the password format when changing passwords.

Right now we have a K-class running Hp-UX 10.20. WHen a password os changed the system prompts for a minimun of 2 alphabets and 1 number. I would like to change this to 3 alphabets and 2 numbers.

Can someone tell me how to do this.

cheers,

trent
4 REPLIES 4
Vincent Farrugia
Honored Contributor

Re: password format policy

Hello,

To my knowledge it is not possible. It is hardwritten in the passwd command. I do not know whether there is a 3rd party program which does this though.

Vince
Tape Drives RULE!!!
James Beamish-White
Trusted Contributor

Re: password format policy

It is definitely possible, but I think you have to make the system a trusted system (either run /usr/lbin/tsconvert, the same with -r recovers to normail system, or run SAM and go to Auditing and Security -> System Security policies). Note that this isn't done lightly, and you should do some research into it, and also, I am not an expert on 10.20 and I'm unsure if it supports trusted system...

Once you've done this, edit the /tcb/files/auth/system/default file and change u_genchars and u_genletters defaults. You can probably do this somewhere in SAM, but I can't remember where at this time.

Cheers,
James
GARDENOFEDEN> create light
Trent Bukowsky
Advisor

Re: password format policy

It is a trusted system. What you have said sounds logical but the problem is the values for u_genchar and u_genletters are in encrypted form. how do you go about changing it. I can afford to try cause My system is not live for users yet.

Joe
Roger Baptiste
Honored Contributor

Re: password format policy

Trent,

If at all this is possible, it should be only in a trusted environment. I don't think you can change the values manually. Rather there are routines which would do this and encrypting part. The best way to try this would be through SAM in the trusted systems option, general policies.

hth
raj
Take it easy.