[Search for users]
[Overall Top Noters]
[List of all Conferences]
[Download this site]
| Title: | DIGITAL UNIX�(FORMERLY KNOWN AS DEC OSF/1) |
| Notice: | Welcome to the Digital UNIX Conference |
| Moderator: | SMURF::DENHAM |
|
| Created: | Thu Mar 16 1995 |
| Last Modified: | Fri Jun 06 1997 |
| Last Successful Update: | Fri Jun 06 1997 |
| Number of topics: | 10068 |
| Total number of notes: | 35879 |
9961.0. "triviality checks and c2" by RHETT::LACORTI () Tue May 27 1997 15:27
Under c2 security and 4.0b and 3.2X there seems to be conflict
about triviality checks.
If you click on help on the gui it states
"the passwd that has been selected or generated:
contains at least 6 characters
has at least 2 alpahbetic characters
contains one numberic or special character
differs from the users login name and any reverse or circular shift
of the login name or group name
differs from the users old password by at least 3 characters
if you look at the man page for prpwd and then also acceptable_password,
you find that not all the above is being checked
his field controls whether password triviality checks are per-
formed on any user-selected passwords. A u_restrict entry
indicates that triviality checks are performed; a u_restrict@
entry indicates they are not performed. Triviality checks
include ver ifying that the password is not a login or group name, a
palindrome, or a word recognized by the spell program. See the
acceptable_password(3) reference page for more information on
triviality checks for passwords.
So I am assuming that the help under the gui is incorrect since the
behavior follows the man pages...? You can choose the password
qwerty (all lower case alphabet) and that works fine. then when
changing can do qwetyu and that also works.
Thanks
sandy
| T.R | Title | User | Personal
Name | Date | Lines
|
|---|