Managing Systems and Workgroups: A Guide for HP-UX System Administrators
Administering a System: Managing System Security
Managing Trusted Passwords and System Access
Chapter 8
• Change the initial password immediately; change the password
periodically.
• Report any changes in status and any suspected security violations.
• Make sure no one is watching when entering the password.
• Choose a different password for each machine on which there is an
account.
Criteria of a Good Password
Observe the following guidelines when choosing a password:
• A password must have at least six characters and can have up to 80.
Special characters can include control characters and symbols such
as asterisks and slashes. In standard mode, only the first eight
characters are used. In trusted mode, all 80 are significant.
After a conversion to a Trusted System, only the first eight
characters of a converted password will be acceptable. Users who had
a longer password on the standard system must log in for the first
time on the Trusted System with only the first eight characters.
Then they may choose a longer password, if they desire. If a system
is converted back to standard mode, the passwords are truncated to
the first eight characters.
• Do not choose a word found in a dictionary in any language, even if
you spell it backwards. Software programs exist that can find and
match it.
• Do not choose a password easily associated with you, such as a
family or pet name, or a hobby.
• Do not use simple keyboard sequences, such as asdfghjkl, or
repetitions of your login (e.g., if your login is ann, a bad password is
annann).
• Misspelled words or combined syllables from two unrelated words
make suitable passwords. Another popular method is to use the first
characters of a favorite title or phrase for a password.
• Consider using a password generator that combines syllables to
make pronounceable gibberish.
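The mechanical guidelines above (length limits, the eight significant characters of standard mode, dictionary words, keyboard sequences, login repetitions) can be expressed as a checker. The following is an added example, not code from the HP-UX guide or from HP-UX itself; the function names, the small word list and the keyboard rows are assumptions constructed for illustration, and an empty result only means none of these rules matched.

```python
# Added example: checks a candidate against the guidelines listed above.
# SAMPLE_WORDS and KEYBOARD_ROWS are small constructed samples.
MIN_LEN, MAX_LEN, STANDARD_SIGNIFICANT = 6, 80, 8
SAMPLE_WORDS = {"password", "dragon", "monkey", "secret"}
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890")


def effective_password(password, trusted_mode):
    """Return the characters that are significant in the given mode."""
    return password if trusted_mode else password[:STANDARD_SIGNIFICANT]


def is_login_repetition(candidate, login):
    """True when candidate is the login written one or more times."""
    if not login or not candidate or len(candidate) % len(login):
        return False
    return candidate == login * (len(candidate) // len(login))


def is_keyboard_sequence(candidate):
    """True when candidate is a run along one keyboard row, either direction."""
    return bool(candidate) and any(
        candidate in row or candidate in row[::-1] for row in KEYBOARD_ROWS)


def check_password(password, login, trusted_mode=False, words=SAMPLE_WORDS):
    """Return the list of guidelines the password violates (empty if none)."""
    problems = []
    if len(password) < MIN_LEN:
        problems.append("shorter than six characters")
    if len(password) > MAX_LEN:
        problems.append("longer than 80 characters")
    # Test the full string and the part that is actually significant: in
    # standard mode a long password is only as good as its first eight chars.
    candidates = {password.lower(),
                  effective_password(password, trusted_mode).lower()}
    if any(c in words or c[::-1] in words for c in candidates):
        problems.append("dictionary word, forwards or backwards")
    if any(is_keyboard_sequence(c) for c in candidates):
        problems.append("simple keyboard sequence")
    if any(is_login_repetition(c, login.lower()) for c in candidates):
        problems.append("repetition of the login")
    return problems


if __name__ == "__main__":
    for pw in ("annann", "asdfghjkl", "nogard", "passwordX7!q"):
        print(pw, "->", check_password(pw, "ann") or "no guideline violated")
```

The last sample shows the truncation effect: in standard mode its significant part is a dictionary word, while in trusted mode the whole string counts.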
Management must forbid sharing of passwords. It is a security violation
for users to share passwords.