HPE Community
Operating System - HP-UX
1835061 Members
2608 Online
110073 Solutions
New Discussion

Re-assigning an already used password to a user in a trusted system

 
Kennedy G. Doss
Regular Advisor

‎02-28-2006 03:18 AM

‎02-28-2006 03:18 AM

Re-assigning an already used password to a user in a trusted system


SAs:

A few of my users who use a common application account want me to re-assign the same password to an expired account. Is there a kind of backdoor mechanism which I can use to assign the same password (or a password which was already used once, a while ago) to the user.? If yes could you please let me know. This is a trusted system.

Regards,
Kennedy
0 Kudos
6 REPLIES 6
RAC_1
Honored Contributor

‎02-28-2006 03:21 AM

‎02-28-2006 03:21 AM

Re: Re-assigning an already used password to a user in a trusted system

They can set it themselves. Log in as that user and just do passwd
There is no substitute to HARDWORK
0 Kudos
Kennedy G. Doss
Regular Advisor

‎02-28-2006 03:25 AM

‎02-28-2006 03:25 AM

Re: Re-assigning an already used password to a user in a trusted system

They can set a different password. But they are unable to set it to a password which was already used a few months back.
0 Kudos
Pete Randall
Outstanding Contributor

‎02-28-2006 03:28 AM

‎02-28-2006 03:28 AM

Re: Re-assigning an already used password to a user in a trusted system

This is set either in the /etc/default/security file or in SAM's password policies. Simply unset it, set the password and re-set it.


Pete

Pete
0 Kudos
A. Clay Stephenson
Acclaimed Contributor

‎02-28-2006 03:32 AM

‎02-28-2006 03:32 AM

Re: Re-assigning an already used password to a user in a trusted system

First of all, a shared account is a huge security riskand should be avoided. Moreover, reusing a password negates the value of the password history entries. Having said that this can be done in a couple of ways:

1) Temporarily comment out the PASSWORD_HISTORY_DEPTH entry in /etc/default/security. You can then use the passwd command to re-enter a previously used password. You then re-enable the PASSWORD_HISTORY_DEPTH entry in /etc/default/security.

2) Enter this command:
perl -e '{print crypt("secret","AZ"),"\n"}'

and substitute the desired plaintext password for "secret". You then copy the output of this command into the u_pwd=entry in the /tcb/files/auth/x/xusername file thjat matches this user.

If it ain't broke, I can fix that.
0 Kudos
RAC_1
Honored Contributor

‎02-28-2006 03:32 AM

‎02-28-2006 03:32 AM

Re: Re-assigning an already used password to a user in a trusted system

If you have password policies set, then you will have to override them for a while.
move /etc/default/security to some other file for a while. Set password and move the security file back.
There is no substitute to HARDWORK
0 Kudos
Kennedy G. Doss
Regular Advisor

‎02-28-2006 04:53 AM

‎02-28-2006 04:53 AM

Re: Re-assigning an already used password to a user in a trusted system

Thanks for your feedback. I was able to resolve the issue once I commented out the one of the fields (password depth) in the /etc/default/security file.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.