Managing Systems and Workgroups: A Guide for HP-UX System Administrators
Administering a System: Managing System Security
Managing Trusted Passwords and System Access
Chapter 8806
• Number of unsuccessful login attempts; cleared upon successful
login.
• Maximum number of login attempts allowed before account is locked.
Password Selection and Generation
On Trusted Systems, the system administrator can control how
passwords are generated. The following password generation options are
available:
• User-generated passwords.
A password screening option is available to check for the use of login
and group names, login and group name permutations, and
palindromes.
A new password must differ from the old password by at least three
characters.
• System-generated passwords using a combination of letters only.
• System-generated passwords using a combination of letters,
numbers, and punctuation characters.
• System-generated passwords using pronounceable meaningless
syllables.
Password generation options may be set for a system. Also, the system
administrator can set password generation options on a per-user basis,
overriding the system default.
At least one password generation option must be set for each user. If
more than one option is available to a user, a password generation menu
is displayed when the user changes his password.
Password Aging
The system administrator may enable or disable password aging for each
user. When password aging is enabled, the system maintains the
following for the password:
• Minimum time. The minimum time required between password
changes. This prevents users from changing the password and then
changing it back immediately to avoid memorizing a new one.