Manualshelf

Neoview User Management and Security Administration Guide (R2.5)

ManualsBrandsHP ManualsSoftwareHP Neoview Release 2.5 Software
21222324252627282930
NOTE: Login requests from the Neoview platform-level command interpreter (TACL) are not
encrypted at present. TACL access is almost always restricted to the system console, which is
usually on a private network, so the risk of password exposure is limited. In addition, the accounts
used by HP personnel to log on to TACL do not permit access to customer data.
By default, passwords for platform users have the following characteristics:
Minimum length of 8 bytes (configurable)
Maximum length of 64 bytes, or 53 bytes if using 1024-bit keys. However, special
considerations apply if the security policy requires platform users to present a role password
in order to log on; for more information on this topic, see “Role Passwords” (page 26).
Is not required to contain one character in each of the following categories: uppercase
character, lowercase character, digit, non-alphanumeric character
May not contain double-quotes (“), semi-colons (;), forward slashes (/), or commas (,).
May contain the user name
May contain consecutive instances of the same character
May contain blanks, but leading and trailing blanks are ignored
May contain non-printable ASCII characters
May not contain non-ASCII characters
Do not expire unless you modify the security policy to specify expiration
However, a Security Administrator can change password quality policies as well as various other
policies related to password control, as described in “Managing Security Policies” (page 39).
NOTE: Password policy settings for locally authenticated database users are the same as for
platform users. There is no way to modify the password policies for platform users without
affecting the policies for locally authenticated database users, or vice versa. The only exception
to this rule is that the configuration could require some users to log on with personal and role
passwords while others log on with only a personal password. For more information, see “Role
Passwords” (page 26).
Role Passwords
Just as an individual user has a password, so does a role. The passwords for roles follow the
same rules and policies as the passwords for platform users. Security policies defined in HPDM
by the Security Administrator (ROLE.SECMGR) determine the minimum password length and
other password quality rules, such as what kinds of characters are permitted or required in
passwords.
The following security policy settings apply expressly to role passwords:
Whether a user must provide both his or her own password and the role password to log
on, as in
mypassword/rolepassword
where mypassword is the password associated with the individual user, and rolepassword
is the password associated with the underlying role. For example, if you have a personal
account as SUPER.SUPER, a security policy might require you to enter your own password,
a forward slash, and then the password associated with SUPER.SUPER.
26 Introduction to Security on the Neoview Platform