HPE Community
Operating System - HP-UX
1836226 Members
1962 Online
110096 Solutions
New Discussion

password modification

 
SILVERSTAR
Frequent Advisor

‎09-13-2004 01:43 AM

‎09-13-2004 01:43 AM

password modification

Hi,

is it possible to check when (day/month/hour) a pwd has been changed ?
Is it possible to check the password lenght of each password set ?

Many thanks
Angelo

0 Kudos
Reply
4 REPLIES 4
Sridhar Bhaskarla
Honored Contributor

‎09-13-2004 02:00 AM

‎09-13-2004 02:00 AM

Re: password modification

Hi Angelo,

Only if the system is trusted. If so, then you can use the command "getprpw -m spwchg " to get the last successful password change.

I do not believe it's possible to find the length of the password using the encrypted password. You will have to 'crack' it using "crack". But you will find it only for the crackable passwords even in that case.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎09-13-2004 02:14 AM

‎09-13-2004 02:14 AM

Re: password modification

1> If you enable passwd aging, then we can get the passwd change information as,

passwd -s

Superuser privilege and non-trusted mode is required if the files repository is specified.

2> *Unix passwd are encrypted one. Without passwd cracker's we can not do anything there.
Easy to suggest when don't know about the problem!
0 Kudos
Reply
Rick Garland
Honored Contributor

‎09-13-2004 02:54 AM

‎09-13-2004 02:54 AM

Re: password modification

The shorter the length of a password, the easier it will be for 'crack' to crack the password.

If you only have a passwd that is 3 characters in length, not so many combinations to run through.
0 Kudos
Reply
Todd McDaniel_1
Honored Contributor

‎09-13-2004 03:09 AM

‎09-13-2004 03:09 AM

Re: password modification

You can FORCE the passwd to be a min lenght...

man security... there is a file you can create to force users to have passwds of a min length. And force changing it every so often.

/etc/default/security

This file will need to be created with the options listed in the man page.


FROM the man page:

MIN_PASSWORD_LENGTH=N New passwords must contain at
least N characters. For untrusted systems N can be any
value from 6 to 8. For trusted systems N can be any
value from 6 to 80.

Default value: MIN_PASSWORD_LENGTH=6


============================================
PASSWORD_HISTORY_DEPTH=N A new password is checked
against only the N most recently used passwords for a
particular user.

A configuration of password history depth of 2 prevents
users from alternating between two passwords. The
maximum password history depth supported is 10 and the
minimum password history depth supported is 1.
Unix, the other white meat.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.