HPE Community
Operating System - OpenVMS
1828204 Members
2181 Online
109975 Solutions
New Discussion

VMS Password Policy - checking to ensure at least 1 alpha and 1 numeric is used

 
Bob_306
New Member

‎07-28-2005 09:04 AM

‎07-28-2005 09:04 AM

VMS Password Policy - checking to ensure at least 1 alpha and 1 numeric is used

John Gillings - your attached macro works for if a user tries using an all numeric password , but fails if an all alpha password is used. can you take a look at your code again.
0 Kudos
Reply
7 REPLIES 7
Bob_306
New Member

‎07-28-2005 11:04 AM

‎07-28-2005 11:04 AM

Re: VMS Password Policy - checking to ensure at least 1 alpha and 1 numeric is used

DEV> set pass
Old password:
New password: (used 12345678)
Verification:
%SYSTEM-F-NONUMERIC, Password policy requires at least one numeric
%SYSTEM-F-PWDWEAK, password is too easy to guess; please choose another string
DEV> set pass
Old password:
New password: (used abcdefghi)
Verification:
0 Kudos
Reply
John Gillings
Honored Contributor

‎07-28-2005 06:00 PM

‎07-28-2005 06:00 PM

Re: VMS Password Policy - checking to ensure at least 1 alpha and 1 numeric is used

Bob,

I'm not sure which code you're looking at. Please post a reference (or just the code itself).
A crucible of informative mistakes
0 Kudos
Reply
Antoniov.
Honored Contributor

‎07-28-2005 06:45 PM

‎07-28-2005 06:45 PM

Re: VMS Password Policy - checking to ensure at least 1 alpha and 1 numeric is used

Bob,
welcome to vms forum.

I can't get your real intention; please add some other information.
You can get help from any fellow of this forum, not only by John.

Antonio Vigliotti
Antonio Maria Vigliotti
0 Kudos
Reply
Willem Grooters
Honored Contributor

‎07-28-2005 08:25 PM

‎07-28-2005 08:25 PM

Re: VMS Password Policy - checking to ensure at least 1 alpha and 1 numeric is used

I wasn't aware that VMS's password policies are customizable?

If so, both replies are wrong.

New password: (used 12345678)
Verification:
%SYSTEM-F-NONUMERIC, Password policy requires at least one numeric

Looks pretty ridiculous reply to me in thois spot, it would have been right in the second attempt ("abcdefgh"). Here, it should say "requires at least one letter" here.
In both cases, I could argue for "requires at least one of _, $ or ." or whatever non-letter and non-digit character si allowed.

Just a thought ;-)

Willem

Willem Grooters
OpenVMS Developer & System Manager
0 Kudos
Reply
Hein van den Heuvel
Honored Contributor

‎07-28-2005 08:37 PM

‎07-28-2005 08:37 PM

Re: VMS Password Policy - checking to ensure at least 1 alpha and 1 numeric is used


I think this is in reference to:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=866372

Indeed, the 'find numeric' loop appears to fall thru into 'num_ok' on end off password:

untiln: SOBGTR R7,nloop ; step to next character
num_ok:

You can fix that by inserting the line:
"brw untila" after the num loop count down, before the num_ok label.
That branch will then take it to the end of the alpha loop, with r7 still set to fail.

Many alternatives possible.

Of course this question sounds to me like someone on a black diamond ski slope asking for directions to the beginners class meeting point.... :-)

hth,

Hein.


0 Kudos
Reply
John Gillings
Honored Contributor

‎07-29-2005 01:33 AM

‎07-29-2005 01:33 AM

Re: VMS Password Policy - checking to ensure at least 1 alpha and 1 numeric is used

Bob,

Fair enough... serve me right for not testing it properly. On the other hand it was really only meant to be an example. I would have hoped anyone who wanted to use it would understand the code well enough to fix or modify it!

The attachment uses a simpler algorithm. This version steps through the password and counts characters according to type - numeric, alphabetic and "other". The test requires that the numeric and alphabetic counters be greater than zero, but this version makes it easier to change the policy (for example, at least 2 alphabetic).
A crucible of informative mistakes
0 Kudos
Reply
Bob_306
New Member

‎07-29-2005 06:23 AM

‎07-29-2005 06:23 AM

Re: VMS Password Policy - checking to ensure at least 1 alpha and 1 numeric is used

Thanks John, I thought it was just an example but only wanted to point out my test results. I have made the cheanges you recommended and cusomized it appropiately to fit my need. Thanks again.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.