Managing Systems and Workgroups: A Guide for HP-UX System Administrators

Administering a System: Managing System Security
Managing Standard Passwords and System Access
Chapter 8
The password is the most important individual user identification
symbol. With it, the system authenticates a user to allow access to the
system. Since they are vulnerable to compromise when used, stored, or
known, passwords must be kept secret at all times.
System Administrator’s Responsibilities
The system administrator and every user on the system must share
responsibility for password security. The system administrator performs
the following security tasks:
• Ensure that all users have passwords.
• Maintain proper permissions on all system files, including the standard password and group files, /etc/passwd and /etc/group.
• Delete and/or nullify user IDs and passwords of users no longer eligible to access the system.
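The first two tasks can be checked mechanically. The sh script below is an added example, not part of the HP-UX guide: it reports accounts whose password field is empty and flags a file that group or others can write. The function names and the sample entries are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the HP-UX guide: audit a passwd-format file.

# Constructed sample (name:password:uid:gid:comment:home:shell).
sample_passwd() {
    cat <<'EOF'
root:ExampleHash01:0:3::/:/sbin/sh
alice:ExampleHash02:101:20:Alice:/home/alice:/usr/bin/sh
bob::102:20:Bob:/home/bob:/usr/bin/sh
carol:*:103:20:Former user:/home/carol:/usr/bin/false
EOF
}

# Print login names whose password field (field 2) is empty.
empty_password_accounts() {
    awk -F: '$1 != "" && $2 == "" { print $1 }' "$1"
}

# Succeed (status 0) only if neither group nor others can write the file.
perms_ok() {
    mode=$(ls -ld "$1" | awk '{ print $1 }')   # e.g. -r--r--r--
    case "$mode" in
        ?????w*|????????w*) return 1 ;;          # group or other write bit set
        *) return 0 ;;
    esac
}

# Report both findings for one file; status is the number of problem classes.
audit() {
    problems=0
    names=$(empty_password_accounts "$1")
    if [ -n "$names" ]; then
        echo "$1: accounts without a password:" $names
        problems=$((problems + 1))
    fi
    if ! perms_ok "$1"; then
        echo "$1: writable by group or others"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Audit the file given as $1, or the constructed sample when none is given.
if [ -n "${1:-}" ]; then
    audit "$1"
else
    tmp=${TMPDIR:-/tmp}/passwd.sample.$$
    sample_passwd > "$tmp" && chmod 644 "$tmp"
    audit "$tmp" || echo "problem classes found: $?"
    rm -f "$tmp"
fi
```

Run it with /etc/passwd or /etc/group as the argument to audit the live files.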
User’s Responsibility
Every user must observe the following rules:
• Remember the password and keep it secret at all times.
• Change the initial password immediately; change the password periodically.
• Report any changes in status and any suspected security violations.
• Make sure no one is watching when entering the password.
• Choose a different password for each machine on which there is an account.
Criteria of a Good Password
Observe the following guidelines when choosing a password:
• A password must have at least six characters and can have up to 80. Special characters can include control characters and symbols such as asterisks and slashes. In standard mode, only the first eight characters are used.