Passwords are an important defense against security breaches. User passwords prevent unauthorized persons from accessing your system. Account passwords protect the information in an account from users who are not members of the account. Group passwords allow account users to work in a given group. They also serve to protect files in the group from users who are not members of it.
Tools for maintaining password security include:
Making user passwords mandatory.
Letting users choose their own passwords.
Making user passwords expire.
Establishing a minimum length for passwords.
If account passwords are created, their use is required for all users. If group passwords are created, their use is required unless the group is a user's home group. Individual user passwords may be set as optional or required. Making individual user passwords required adds another level of security to the system.
Account level passwords are created and maintained by System Managers. Group level passwords are created and maintained by Account Managers and System Managers. User passwords are created and required by System and Account Managers, and can be changed by users.
 |
| |
|
 | NOTE: If files are protected by ACDs, only user passwords should be required, and neither account or group passwords, or file lockwords, should be used. |
|
| |
|
Commands Used to Create and Maintain Passwords |
|
System Managers (SM capability) use the commands :NEWACCT, :ALTACCT,
and :PURGEACCT to create and maintain accounts. Account passwords can be created at the time an account is created or modified.
Both Account Managers (AM capability) and System Managers use the commands :NEWGROUP, :ALTGROUP, and :PURGEGROUP to create and maintain groups. Group passwords can be created at the same time a group is created or modified.
Both Account and System Managers use the commands :NEWUSER, :ALTUSER, and :PURGEUSER to create and maintain users. User passwords can be created at the time users are created or modified.
