HP-UX Reference (11i v2 07/12) - 1 User Commands N-Z (vol 2)
p
passwd(1) passwd(1)
Random letters An unpronounceable password made up of random letters from the alpha-
bet.
User-supplied A user-supplied password, subject to length and triviality restrictions.
Passwords can be greater than eight characters, but it is recommended that they be less than 40 charac-
ters. System warnings are displayed if passwords lengths are either too long or short. The system
administrator can specify a maximum password length guideline for the system generated options (random
syllables, random characters, and random letters). The actual maximum password length depends upon
several parameters in the authentication database and in the algorithm.
The system requires a minimum time to elapse before a password can be changed. This prevents reuse of
an old password within an undesirable period of time.
A password expires after a period of time known as the expiration time. System warnings are displayed as
expiration time approaches.
A password dies after a time period known as the password lifetime. After the lifetime passes, the account
is locked until it is re-enabled by a system administrator. Once unlocked, the user is forced to change the
password before account use.
The system administrator can enable accounts without passwords. If a user account is allowed to function
without a password, the user can choose a null password by typing a carriage-return when prompted for a
new password.
The system administrator can enable the password history feature to discourage users from reusing previ-
ously used passwords. Refer to the security(4) manual page for detailed information on configurable attri-
butes that affect the behavior of this command. The attribute for password history is:
PASSWORD_HISTORY_DEPTH
EXTERNAL INFLUENCES
International Code Set Support
Characters from single-byte character code sets are supported in passwords.
EXAMPLES
Change the password expiration date of user to 42 days in the files repository:
passwd -r files -x 42 user
Modify the minimum time between password changes of user1 to 7 days in the nisplus repository:
passwd -r nisplus -n 7 user1
Force user2 to establish a new password on the next login which will expire in 70 days and prohibit the
user from changing the password until 7 days have transpired:
passwd -r files -f -x 70 -n 7 user2
DEPENDENCIES
Pluggable Authentication Modules (PAM)
PAM is an Open Group standard for user authentication, password modification, and account validation. In
particular, pam_chauthtok() is invoked to perform all functions related to passwd. This includes
establishing and changing a password, using passwd options, and displaying error messages.
WARNINGS
Avoid password characters which have special meaning to the tty driver, such as # (erase) and @ (kill). You
may not be able to login with these characters.
Multiple superusers are allowed, but are strongly discouraged. That is because the system often stores
user ID rather than user name. Having unique IDs for all users will guarantee a consistent mapping
between user name and user ID.
FILES
/etc/passwd Standard password file used by HP-UX.
/etc/shadow Shadow password file.
/tcb/files/auth/*/* Protected password database used when system is converted to
trusted system.
130 Hewlett-Packard Company − 5 − HP-UX 11i Version 2: December 2007 Update