HPE Community
Operating System - HP-UX
1832577 Members
3092 Online
110043 Solutions
New Discussion

restrict trivial password

 
unixadmin_1
Frequent Advisor

‎01-06-2009 05:29 AM

‎01-06-2009 05:29 AM

restrict trivial password

any solution for this issuementioned below:

Trivial passwords were still allowed. Fourteen users were found to have weak passwords. Weak passwords increase the risk of unauthorised access being gained to the system and information resources.
0 Kudos
7 REPLIES 7
Ganesan R
Honored Contributor

‎01-06-2009 05:35 AM

‎01-06-2009 05:35 AM

Re: restrict trivial password

Hi Unixadmin,

Weak password is big security breach always. You can force the user to set complex passwords by many ways.

One option is configure /etc/default/security
file to have complex password for all the user. See man security for more details.

Other option is convert the system into trusted. You can have so many features in trusted system including complex passwords.

Hope this helps
Best wishes,

Ganesh.
0 Kudos
Pete Randall
Outstanding Contributor

‎01-06-2009 05:36 AM

‎01-06-2009 05:36 AM

Re: restrict trivial password

>Trivial passwords were still allowed.
Don't allow them.

>Fourteen users were found to have weak passwords.
Make them change them.

>Weak passwords increase the risk of unauthorised access being gained to the system and information resources.
True.


Pete

Pete
0 Kudos
change owners
New Member

‎01-07-2009 12:26 AM

‎01-07-2009 12:26 AM

Re: restrict trivial password

even than after is there any command which restricts trivial passwords...pls
0 Kudos
unixadmin_1
Frequent Advisor

‎01-16-2009 03:11 AM

‎01-16-2009 03:11 AM

Re: restrict trivial password

How do we get list of trivial passwords is there any shell script that runs on the system to get trivial passwords in one shot..please let me know its a urgent issue which should be resolved by tomm.
0 Kudos
OldSchool
Honored Contributor

‎01-16-2009 05:21 AM

‎01-16-2009 05:21 AM

Re: restrict trivial password

"Fourteen users were found to have weak passwords."

unix *doesn't* know they were "weak", so somebody ran a password cracker to attempt to figure this out. if they didn't supply the list, then either you will have to run the same tool to generate it yourself, or you will have to force everyone to update their passwords.

"man passwd" for details on how to do that. you can enforce password construction rules. I suggest you put the rules in place then force everyone to change there password.

"man security" (i believe) will provide more details on the rules / files needed.
0 Kudos
Johnson Punniyalingam
Honored Contributor

‎01-16-2009 08:17 AM

‎01-16-2009 08:17 AM

Re: restrict trivial password

Hi Unixadmin.

Only best way is to track them is by apply some changes to passwd length, by editing /etc/default/security

MIN_PASSWORD_LENGTH=8

Thanks,
Johnson

Problems are common to all, but attitude makes the difference
0 Kudos
unixadmin_1
Frequent Advisor

‎01-23-2009 01:13 AM

‎01-23-2009 01:13 AM

Re: restrict trivial password

Ok got it
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.