HPlogo HP Security Monitor/iX User's Guide: HP 3000 MPE/iX Computer Systems > Chapter 2 Accessing the System

If Your Password Expires
» 

Technical documentation

Complete book in PDF
» Feedback

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

Passwords that never change present a security risk to the system. System and Account Managers can cause individual user passwords to expire using standard system facilities. These facilities are the USERPASS=EXPIRED options of the :NEWUSER and :ALTUSER commands.

In addition, the system can be set so that all required passwords in the system can be made to expire simultaneously at specified intervals. When such intervals occur, users must enter new passwords or find themselves locked out of the system.

Discussion

On the expiration date, only user passwords that were not changed during the warning period expire. Users with expired passwords must select a new password the next time they log on. For example, suppose Susan has allowed her password to expire. When she logs on, she sees the following:

:HELLO SUSAN.MYACCT,LAPIN 

ENTER ACCOUNT PASSWORD:            (Susan enters password) 



ENTER USER PASSWORD:               (Susan enters password) 



ENTER GROUP PASSWORD:              (Susan enters password) 



USER PASSWORD HAS EXPIRED 

ENTER NEW PASSWORD:                (Susan enters new password) 

ENTER NEW PASSWORD AGAIN:          (Susan enters new password again) 

PASSWORD WAS CHANGED SUCCESSFULLY

If the user makes a mistake when entering the new password the second time, the system prints the message NEW PASSWORD NOT VERIFIED, and asks the user to enter the new password again. If the user is not successful after three tries, the logon process terminates, and the user must go though the procedure again. A user will not be allowed to log on until a new password is successfully entered.

Effects of Expired User Passwords

Expiration of a password has the following effects on users:

  • The global expired user password function causes the expiration only of required user passwords, regardless of whether required at the user or account level.

  • Required user passwords are marked for expiration at the beginning of the warning period. Thus, if a new user establishes a required password after the start of the warning period, that password is not affected by the forced expiration. Of course, it will be affected by the next forced expiration.

  • If a user's password has expired, and the user is forced to enter a new password, it cannot be the same as the one that just expired.

  • When a required password expires, the new password must meet the same requirements as the previous password. It must satisfy the password minimum length function, and the user password required function. (A blank password is not allowed, the password must be of a minimum length, and the password must be different from the previous one.)

  • Users can replace expired passwords only during interactive logon attempts. Other types of logon attempts will fail. Users should check that UDCs programs and job streams that include logon commands can recover from such failures.



Changing Your Password
  		 


Password Encryption  
Feedback to webmaster