Manualshelf

Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP HP-UX Auditing System Extensions
41424344454647484950
2.4.3 Criteria of a Good Password
Observe the following guidelines when choosing a password and communicate these
guidelines to users:
Choose a password with at least 6 characters and no more than 80 characters.
Special characters can include control characters and symbols, such as asterisks
and slashes. In standard mode, only the first 8 characters are used.
Do not choose a word found in a dictionary in any language, even if you spell it
backwards. Software programs exist that can find and match it.
Do not choose a password easily associated with you, such as a family or pet name,
or a hobby.
Do not use simple keyboard sequences, such as asdfghjkl, or repetitions of your
login (for example, if your login is ann; a bad password choice is annann).
Consider using misspelled words or combined syllables from two unrelated words
to make suitable passwords. Another popular method is to use the first characters
of a favorite title or phrase for a password.
Consider using a password generator that combines syllables to make pronounceable
gibberish.
Do not share passwords with other users. Management must forbid sharing of
passwords.
Always have a password. Do not have your password field cleared in the /etc/
passwd file.
2.4.4 Changing the /etc/passwd Password File
A standard system maintains one password file: /etc/passwd.
All passwords are encrypted immediately after entry, and stored in the password file,
/etc/passwd. Only the encrypted password is used in comparisons.
Follow these guidelines if you need to change the password file:
Do not permit any empty or null password fields; this is a security breach. An empty
password field enables any user to set the password for that account.
Do not edit the password file directly. Use HP SMH or the useradd, userdel, or
usermod commands to modify password file entries. If you must edit the password
file directly, use the vipw command and check it with the pwck command. See
vipw(1M) and pwck(1M) for more information.
2.4.4.1 Examples of passwd Commands
Following are some useful passwd command examples:
Reset a user's password:
# passwd user1
Force a password change at next login:
42 Administering User and System Security