HPE Community
Operating System - HP-UX
1856408 Members
5302 Online
104112 Solutions
New Discussion

Re: password policy - query

 
SOLVED
Go to solution
Jagadesh_2
Regular Advisor

‎12-08-2005 08:34 AM

‎12-08-2005 08:34 AM

password policy - query

Hi All,

I have a requirement to enable the below security policies in HPUX 11.11/11 servers.

1)Non-numeric in first and last position
2)Maximum consecutive identical character from any position in the previous password
3)Maximum identical consecutive characters

Please let me know how to enable this in trusted and non-trusted system.

Many Thanks
S.Jagadesh
0 Kudos
Reply
6 REPLIES 6
HGN
Honored Contributor

‎12-08-2005 08:40 AM

‎12-08-2005 08:40 AM

Re: password policy - query

Hi

In SAM

SAM>Accounts for users & groups>select User Modify security policies>password format policies.

Rgds

HGN
0 Kudos
Reply
HGN
Honored Contributor

‎12-08-2005 08:42 AM

‎12-08-2005 08:42 AM

Re: password policy - query

Hi

Sorry I misunderstood your question , the previous post may or may not be useful.

Rgds

HGN
0 Kudos
Reply
Rick Garland
Honored Contributor

‎12-08-2005 09:43 AM

‎12-08-2005 09:43 AM

Solution

Re: password policy - query

You can set options in the /etc/default/security file (create if doesn't exist)

Options are available to specify password complexity.

As to 1st-last characters, this is not done in the security file. But you can specify the number of non-alpha characters, the number of upper-case characters, etc.

Do a 'man security'

Reply
Bill Thorsteinson
Honored Contributor

‎12-08-2005 10:10 AM

‎12-08-2005 10:10 AM

Re: password policy - query

There are pam modules to verify password
formats. Generally, they check strength
based on number of characters with credits
for numeric, and special characters.
They can also verify that the new password
has is sufficiently different from the
previous one.

libpam_cracklib is one such module.

You can also write your own modules.

Password checking is generally disabled
when root sets the password.

0 Kudos
Reply
Raj D.
Honored Contributor

‎12-08-2005 10:43 AM

‎12-08-2005 10:43 AM

Re: password policy - query

Hi Jagadesh ,

First the system needs to be trusted system.
And hope you can do it with /usr/lbin/modprpw , also check for /etc/default/security file. Though I am not sure for the above parameters. check #man modprpw.

To check if the system is trusted , you can do :

# cd /usr/lbin
# ./getprdef -r


hth,
Raj.
" If u think u can , If u think u cannot , - You are always Right . "
0 Kudos
Reply
Raj D.
Honored Contributor

‎12-08-2005 10:48 AM

‎12-08-2005 10:48 AM

Re: password policy - query

Hi (again) Jagadesh,

You can check this link for more details for setting up password controls :

http://docs.hp.com/en/B2355-90121/ch02s06.html#d0e3540

Hope this will help.

Cheers ,
Raj.

" If u think u can , If u think u cannot , - You are always Right . "
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.