Internet Express for Tru64 UNIX Version 6.10 Administration Guide (5900-1418, March 2011)

Note:
Whenever you use the Administration utility to manage user accounts, you may see a message
displayed in a box titled Security Information warning you that some unencrypted information may
be transmitted over the network. Click on Continue to continue the operation.
You can temporarily disable this message by clearing the checkmark in front of Show This Alert
Next Time. To enable the message, make sure your browser security preferences are set to display
a message before submitting a form over an unsecured connection.
Specifying User Names
Note the following rules when specifying the user name for an account (or the user-name prefix
for a generic account):
• Use only alphabetic, numeric, or a combination of alphabetic and numeric characters.
• Do not use nonalphanumeric characters (for example, spaces, colons, hyphens, underscores,
  or periods) in the user name.
Assigning Passwords to User Accounts
All user accounts have passwords. You can assign a password when you create an account for a
named captive Internet Express account or for a UNIX system user. Alternatively, the Administration
utility can generate the password for these accounts. (You do not assign passwords to generic
captive accounts; the utility automatically generates the passwords for these accounts.)
To make a password more secure, make sure the password contains:
• Between 8 and 64 characters
  If you are not running ENHANCED (C2) security on your system, the password can be no
  more than 8 characters
• A mixture of uppercase and lowercase letters
• Unusual capitalization, symbols, or digits
Passwords that do not meet these criteria are rejected by the Administration utility.
Purging Obsolete Passwords
The passwords that the Administration utility automatically generates (for any type of account) are
recorded in the ~iass/.users.list file.
If you specify a password for a named captive account or a UNIX account, the event is noted in
this file, but the actual password is not recorded.
Entries are not automatically removed from the ~iass/.users.list file when you delete an
account. If you do not periodically remove obsolete entries, this file can become large.
When you log in to the iass account and the ~iass/.users.list file exists, the menu item
Manage .users.list is displayed. Use this function to view, print, or remove the recorded
passwords.
Caution:
The passwords in ~iass/.users.list are not encrypted. Because these passwords are also
recorded in encrypted form in /etc/passwd, you may want to consider removing them from
.users.list. Use caution when printing or displaying this data.
To ensure a secure system, require users to change their passwords regularly. See the Tru64 UNIX
System Administration manual for information on how to change passwords.
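A check an administrator could run against the unencrypted password file described in this section, given here as an added example that is not part of the guide or of Internet Express. It assumes the file should be accessible only by its owner (the guide does not state the intended mode), and MAX_BYTES is a hypothetical size threshold for prompting a purge.

```shell
#!/bin/sh
# Added example (not from the guide): audit the cleartext password log.
# Assumptions: owner-only access is the desired mode, and MAX_BYTES is a
# hypothetical size threshold for triggering a purge review.
: "${MAX_BYTES:=65536}"

audit_users_list() {
    file=$1
    findings=0

    # Refuse to follow a link: the data could live somewhere unexpected.
    if [ -h "$file" ]; then
        echo "FINDING: $file is a symbolic link"
        return 1
    fi
    if [ ! -f "$file" ]; then
        echo "OK: $file does not exist"
        return 0
    fi

    # Characters 5-10 of the ls mode string are the group and other bits.
    bits=$(ls -ld "$file" | cut -c5-10)
    if [ "$bits" != "------" ]; then
        echo "FINDING: $file group/other bits are '$bits', expected '------'"
        findings=$((findings + 1))
    fi

    # Size is used because the entry format is not described in the guide.
    bytes=$(wc -c < "$file" | tr -d ' ')
    if [ "$bytes" -gt "$MAX_BYTES" ]; then
        echo "FINDING: $file is $bytes bytes; purge obsolete entries"
        findings=$((findings + 1))
    fi

    [ "$findings" -eq 0 ] && echo "OK: $file passed both checks"
    [ "$findings" -eq 0 ]
}

# Run against a path given on the command line, for example the
# .users.list file in the iass home directory.
if [ $# -gt 0 ]; then
    audit_users_list "$1"
fi
```

The function returns nonzero when any finding is reported, so it can be called from a scheduled job that alerts on failure.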