Security Management Guide (G06.24+, H06.03+)
Guardian System Security
Security Management Guide—522283-008
2-15
PWCONFIG Utility
BLIND
prompts for the old and new passwords. The passwords are not displayed on the
screen.
ECHO
prompts for the old and new passwords. The passwords are echoed on the screen.
OFF
reads the new password from the command line.
The default value is BLIND.
•
ENCRYPTPASSWORD specifies whether passwords are to be encrypted. This
attribute is similar to the Safeguard configuration attribute, PASSWORD-
ENCRYPT. The syntax for the ENCRYPTPASSWORD attribute is:
ON
indicates that the passwords will be encrypted as described by ALGORITHM.
OFF
indicates that the passwords will be stored as clear text, and are not encrypted.
The values for this attribute are only used when the ENCRYPTPASSWORD is ON.
The default value is ON.
•
ALGORITHM specifies the password encryption algorithm. This attribute is similar
to the Safeguard configuration attribute, PASSWORD-ALGORITHM.
The syntax for the ALGORITHM attribute is:
DES
indicates that the stored passwords will be encrypted using DES.
HMAC256
indicates that the stored passwords will be encrypted using HMAC with SHA-256.
The default value is DES.
•
MINPASSWORDLEN speicifies the minimum length of the password that can be
specified during password change. This attribute is similar to the Safeguard
configuration attribute, PASSWORD-MINIMUM-LENGTH. The value of the attribute
can be greater than eight only when the ALGORITHM is HMAC256 and the value
PWCONFIG ENCRYPTPASSWORD {ON | OFF}
PWCONFIG ALGORITHM {DES | HMAC256}