HPE Community
Operating System - HP-UX
1832678 Members
2992 Online
110043 Solutions
New Discussion

Re: Policies

 
Stoichkov
Occasional Contributor

‎05-18-2006 06:05 AM

‎05-18-2006 06:05 AM

Policies

Excuse me friends, where do i get the file In HPUX about policies to put it on passwords to users, for example:

It must be at least eight characters in length. (Longer is generally better.)
It must contain at least one alphabetic and one numeric character.
It must be significantly different from previous passwords.
It cannot be the same as the userid.
It cannot start or end with the initials of the person issued the userid.
It cannot include the first, middle, or last name of the person issued the userid.
It should not be information easily obtainable about you. This includes license plate, social security, telephone numbers, or street address.

Thank you..
0 Kudos
3 REPLIES 3
Chan 007
Honored Contributor

‎05-18-2006 06:20 AM

‎05-18-2006 06:20 AM

Re: Policies

Hi,

Check this link below, that will solved few of your queries.

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1027995

Other wise change you system to Trusted one.

Chan
0 Kudos
Doug O'Leary
Honored Contributor

‎05-18-2006 06:21 AM

‎05-18-2006 06:21 AM

Re: Policies

>>It must be at least eight characters in length. (Longer is generally better.)

/etc/default/security (for hpux 11.23). NOTE, UNIX passwords can be any length up to 255 characters; however, only the first 8 are significant. For instance:

12345678whodoweappreciate and
12345678idontcarewhatitypehere

will resolve to the same encrypted password.


>>It must contain at least one alphabetic and one numeric character.

/etc/default/security

>>It must be significantly different from previous passwords.

I didn't see any parameters in /etc/default/security in there; however, I'm sure you can implement something like that in TCB mode. (trusted)

>>It cannot be the same as the userid.

Switch to trusted mode.

>>It cannot start or end with the initials of the person issued the userid.

You'll have to write your own password checker to implement that.

>>It cannot include the first, middle, or last name of the person issued the userid.

You'll have to write your own password checker to implement that.

>>It should not be information easily obtainable about you. This includes license plate, social security, telephone numbers, or street address.

I have no idea how you'd automate something like that without tracking all that information on every user in your passwd file - which is quite scary if you think about it...

Doug

------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html
0 Kudos
Stoichkov
Occasional Contributor

‎05-18-2006 08:06 AM

‎05-18-2006 08:06 AM

Re: Policies

thank you very much friends. I hope i could help you.

If you want, you can contact me in osvaldo@irapuato.gob.mx and we can exchange things or software, manuals and music. See you...

Best Regards
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.