Password minimum length (592 Views)
Reply
Frequent Visitor
gia_maria
Posts: 3
Registered: ‎09-27-2012
Message 1 of 5 (592 Views)

Password minimum length

Hi, Users,

I've a problem in HP-UX 10.20 with the user's password.

The user should have the password from the 4th symbols, but the system writes "too short, minimum 6 symbols".  There is /tcb/files/auth/ a file with parameters of this password, but the variable which is responsible for the minimum length isn't present. Where there is this value?

 

Thanks for advanse!

Honored Contributor
Matti_Kurkela
Posts: 6,271
Registered: ‎12-02-2001
Message 2 of 5 (576 Views)

Re: Password minimum length

If either the user-specific file in /tcb/files/auth or the system-wide defaults file /tcb/files/auth/system/default contains :u_restrict:, then the password triviality check is in effect. This may cause very short passwords to be rejected even if minimum length is not explicitly set.

 

If the /etc/default/security file exists and has the "MIN_PASSWORD_LENGTH=6" uncommented, the password is explicitly required to have at least 6 characters.

 

MK
Frequent Visitor
gia_maria
Posts: 3
Registered: ‎09-27-2012
Message 3 of 5 (571 Views)

Re: Password minimum length

Thanks, Matti

 

Yes, file /tcb/files/auth/system/default contains parametr :u_restrict@, but /etc/default/security file not exists.

Сan I remove parameter u_restrict@ or deactivate it to have the password from 4th symbols?

Honored Contributor
Matti_Kurkela
Posts: 6,271
Registered: ‎12-02-2001
Message 4 of 5 (531 Views)

Re: Password minimum length

:u_restrict@: actually means "no u_restrict". So the password restriction rules should be disabled system-wide.

(See "man 4 prpwd" for the keywords, and "man 4 authcap" for the general syntax.)

 

Instead of modifying the /tcb/files/auth/* files manually, you should use SAM to modify them.

The "Auditing and Security" section allows you to change the system security policy (e.g. the system-wide settings in /tcb/files/auth/system/default), and the "User and Group Management" section allows you to make exceptions to the system security policy on a per-user basis.

 

When you use SAM to view the per-user security policy, it will automatically display the total effect of the system-wide policy + any per-user exceptions, making it easier to verify that the policy is exactly what you want. It will also protect you from typing mistakes and other syntax errors when modifying the security policy.

 

You might also want to run:

authck -p -v

 to verify that your /etc/passwd and /tcb/files/auth/* files are in agreement and don't contain any typos. If the command reports any errors, use your judgement and fix them as appropriate.

 

MK
Frequent Visitor
gia_maria
Posts: 3
Registered: ‎09-27-2012
Message 5 of 5 (514 Views)

Re: Password minimum length

Matti,

the SAM's section don't contain any control for set (reset) the password's minimum length!

A question that control somewhere is and find it I can't!

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.