Security Management Guide (G06.29+, H06.08+, J06.03+)

Concerns for the System Administration Team
Security Management Guide 522283-021
6 - 10
This command requires that when a user changes a password, the new password
must differ from the previous twelve passwords used by that user.
Initial Password
Do not derive initial passwords from the user name or user ID because an inside
intruder might log on to a user ID that has been created but not yet assigned.
The initial password should be used only to enable the user to log on for the first time.
Immediately thereafter, the user should change the password to something secret and
easy to remember. For information on how a user changes a password, see Changing
Your Password on page 7-2.
Setting the Initial Password Through the PASSWORD Command
The ADDUSER utility creates a blank initial password. To establish an initial password,
log on as the user and then use the PASSWORD command.
Setting the Initial Password Through SAFECOM
The SAFECOM ADD USER command allows you to add a user ID and set an initial
password. You might not have authority to add users. Normally only group managers
and the super ID can add users. However, if you are a member of the super group, the
security staff might ask you to create an OBJECTTYPE USER authorization record.
This record determines who can add users (and thereby set the initial password). For
more information about OBJECTTYPE USER authorization records, see Adding Users
on page 3-3.
The following SAFECOM command adds the user CLERK.ROBIN as user ID 102,11
with qw3rt6 as the initial password:
=ADD USER CLERK.ROBIN, 102,11, PASSWORD qw3rt6
The following command displays the user authentication record for CLERK.ROBIN:
=INFO USER CLERK.ROBIN, GENERAL
GROUP.USER     USER-ID   OWNER   LAST-MODIFIED    LAST-LOGON   STATUS
CLERK.ROBIN    102,11    250,1   18JUN94, 14:35   * NONE *     THAWED

  UID                        = 26123
  USER-EXPIRES               = * NONE *
  PASSWORD-EXPIRES           = * NONE *
  PASSWORD-MAY-CHANGE        = * NONE *
  PASSWORD-MUST-CHANGE EVERY = * NONE *
  PASSWORD-EXPIRY-GRACE      = * NONE *
  LAST-LOGON                 = * NONE *
  LAST-UNSUCCESSFUL-ATTEMPT  = * NONE *
  LAST-MODIFIED              = * NONE *
  FROZEN/THAWED              = THAWED
  STATIC FAILED LOGON COUNT  = 0
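
A check for the risk named under Initial Password (a user ID that has been created but not yet assigned), added here as an example and not part of the HP guide: this Python script parses captured INFO USER ..., GENERAL output and lists thawed user IDs that have never logged on. The CLERK.PAT record, the function names, and the assumption that several records appear one after another in a single capture are illustrative.

```python
import re

# Constructed sample in the layout of the INFO USER ..., GENERAL display above;
# CLERK.PAT and all of its values are made up for illustration.
SAMPLE = """\
GROUP.USER USER-ID OWNER LAST-MODIFIED LAST-LOGON STATUS
CLERK.ROBIN 102,11 250,1 18JUN94, 14:35 * NONE * THAWED
PASSWORD-EXPIRES = * NONE *
LAST-LOGON = * NONE *
FROZEN/THAWED = THAWED
GROUP.USER USER-ID OWNER LAST-MODIFIED LAST-LOGON STATUS
CLERK.PAT 102,12 250,1 18JUN94, 14:40 20JUN94, 09:02 THAWED
PASSWORD-EXPIRES = 20JUL94, 09:02
LAST-LOGON = 20JUN94, 09:02
FROZEN/THAWED = THAWED
"""

# Assumption: each record starts with a "GROUP.USER group,member ..." summary line.
SUMMARY = re.compile(r"^\s*([A-Z0-9]+\.[A-Z0-9]+)\s+(\d+,\d+)\s")
ATTR = re.compile(r"^\s*([A-Z][A-Z/ -]*?)\s*=\s*(.*?)\s*$")

def parse_info_user(text):
    """Split the display into one dict per user record; '* NONE *' becomes None."""
    records = []
    for line in text.splitlines():
        m = SUMMARY.match(line)
        if m:
            records.append({"USER": m.group(1), "USER-ID": m.group(2)})
            continue
        m = ATTR.match(line)
        if m and records:
            value = m.group(2)
            records[-1][m.group(1)] = None if value == "* NONE *" else value
    return records

def never_used_accounts(records):
    """Return (user, reasons) for thawed IDs whose LAST-LOGON is * NONE *."""
    findings = []
    for r in records:
        if r.get("FROZEN/THAWED") == "THAWED" and "LAST-LOGON" in r and r["LAST-LOGON"] is None:
            reasons = ["thawed, no logon yet: initial password still in force"]
            if r.get("PASSWORD-EXPIRES") is None:
                reasons.append("no password expiry set")
            findings.append((r["USER"], reasons))
    return findings

if __name__ == "__main__":
    for user, reasons in never_used_accounts(parse_info_user(SAMPLE)):
        print(user, "->", "; ".join(reasons))
```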