H06.10 Software Installation and Upgrade Guide

ManualsBrandsHP ManualsServerHP Integrity NonStop Release and Migration

Safeguard Password Quality Enhancements

The T6533H04^ABM and later versions of Standard Security and the T9750H04^AFC and later

versions of Safeguard, initially released with the H06.09 RVU, provide these additional password

enhancements:

• Option to enforce certain rules governing user or alias passwords

• Use of embedded spaces in user or alias passwords

The following new attributes are introduced:

DescriptionAttribute

When set to ON, passwords must contain at least one

uppercase character.

PASSWORD-UPPERCASE-REQUIRED

When set to ON, passwords must contain at least one

lowercase character.

PASSWORD-LOWERCASE-REQUIRED

When set to ON, passwords must contain at least one

numeric character.

PASSWORD-NUMERIC-REQUIRED

When set to ON, passwords must contain at least one

special character (any nonalphanumeric character except

for commas, double quotes, or semicolons).

PASSWORD-SPECIALCHAR-REQUIRED

When set to ON, passwords may optionally contain

embedded spaces.

PASSWORD-SPACES-ALLOWED

Specifies the minimum number of quality criteria that

must be met when a password is set or changed. Valid

values are 0 through 4.

PASSWORD-MIN-QUALITY-REQUIRED

The password quality attributes are disabled by default, and must be explicitly enabled using

the PWCONFIG command. The password quality attributes take effect only if the

PASSWORD-ENCRYPT attribute is set to ON and the PASSWORD-ALGORITHM attribute is

set to HMAC256. In addition, for PASSWORD-SPACES-ALLOWED to take effect,

PASSWORD-COMPATIBILITY-MODE must be set to OFF.

For more information on the password quality enhancements, see the Password Quality

Enhancements support note.

Migration

There are no migration considerations specific to the quality password feature. However, a

mitigation procedure is available for handling any unexpected failures that might occur during

migration. This procedure is described under “Migration in a Safeguard Environment” (page 52).

Fallback

Embedded spaces in passwords are not supported in pre-H06.09 RVUs. Any user with a password

that contains embedded spaces will be unable to login after fallback. Fallback considerations are:

• Pre-H06.08 RVUs do not support the Safeguard longer password feature. Therefore, when

falling back to a pre-H06.08 RVU, users must first follow the steps described under “Fallback

in a Safeguard Environment” (page 52).

• When falling back to H06.08 or earlier:

— The super ID password must not contain embedded blanks.

— PASSWORD-COMPATIBILITY-MODE must be set to ON.

— Users whose password contains embedded spaces must request a new password.

Safeguard Password Quality Enhancements 55