HPE Community
Operating System - HP-UX
1833199 Members
3027 Online
110051 Solutions
New Discussion

system dictionary

 
Anish Xavier
Occasional Advisor

‎03-16-2007 10:47 AM

‎03-16-2007 10:47 AM

system dictionary

Hi all

I wants to setup a Control to help ensure the system dictionary preventing setting a password to common words.

Is there any option is available for this.

Regards,
Anish
0 Kudos
Reply
2 REPLIES 2
A. Clay Stephenson
Acclaimed Contributor

‎03-16-2007 11:42 AM

‎03-16-2007 11:42 AM

Re: system dictionary

Once again the answer is to convert to a trusted system. You are going to have major problems passing a security audit as long as the password hashes are in a file readable by everyone --- which is true for the stand UNIX security. This leaves your system open to a guessing attack.

In the past when I had to do this sort of thing with standard passwd's and/or NIS, I wrote custom passwd (or yppaswd) and login commands to do the sort of checks you are looking for.
If it ain't broke, I can fix that.
0 Kudos
Reply
Rasheed Tamton
Honored Contributor

‎04-07-2007 11:26 PM

‎04-07-2007 11:26 PM

Re: system dictionary

Hi Anish,

man 4 secuirty
will give you the info to harden a box as much as possible on a non-trusted system. Just look the options.

PASSWORD_MIN__CHARS
will give you the option to mix it with digits, special characters, etc
(Non dictionary word).

Regards,
Rasheed Tamton.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.