Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Password rules not effective
Special Forums Cybersecurity Password rules not effective Post 302730359 by DGPickett on Monday 12th of November 2012 05:03:32 PM
Old 11-12-2012
With all the languages of the world, dictionary tests are bad. Some sort of checksum history can keep them off the last N passwords. Make a rule that every password has to have both upper and lower case, a number and a special, with no more than 3 of anything in a row, so Hello1! amd HELLo1! are not legal, but heLLo1! is OK. The breaks up phone numbers, anniversaries (the most popular?), words, names, etc.
 

7 More Discussions You Might Find Interesting

1. Cybersecurity

Changing effective user

I would like to give execution rights for a script to one user. (that's the easy part...) When that user is running the script, I would like the effective user ID to be that of the file-owner. Is this possible? (6 Replies)
Discussion started by: hilmel
6 Replies

2. UNIX for Dummies Questions & Answers

Variables for Effective Username?

Hey all, I'm glad to have found this forum as I'm trying to dive head first into Solaris 8 - been working with it for a few months now and am finally getting a bit comfortable with the layout and concepts. In any case, on to the questions... :D I was wondering how I would go about displaying... (3 Replies)
Discussion started by: QuadMonk
3 Replies

3. UNIX for Dummies Questions & Answers

most effective search ?

what's the most efficient and effective search for a file in a dir ? I see many guys use this # find - print or something as such ? and sometimes pipe it to something else ? Is there a better way of using "grep" in all of this ? thanks simon2000 (3 Replies)
Discussion started by: simon2000
3 Replies

4. UNIX for Dummies Questions & Answers

Changing the Effective Group ID

Here is my situation. On a RedHat 7.3 box, I have a user named jody. When I log in with jody and type in "id", I get the expected output: uid=1(jody) gid=1(jody) groups=1(jody), 510(test) However, I cannot figure which "id" option allows me to change the effective gid. I tried the options... (2 Replies)
Discussion started by: Jody
2 Replies

5. UNIX for Dummies Questions & Answers

Server wide password enforcement rules? 90 day force change.

Using Solaris 9 and 10. What we want to do is set up global rules for our password files to restrict all users, not only new ones set up with the rules but also the ones that have been sitting on the system for years. Is there a global way to force all users to change their password every 90... (1 Reply)
Discussion started by: LordJezo
1 Replies

6. UNIX for Dummies Questions & Answers

rules for new password?

What are the rules for choosing a new password when the old one expires? I notice when I try to use a password that is similar to my previous one then it won't take it. Got me wondering what the exact rules are- as in, how different does it have to be from previous passwords. (1 Reply)
Discussion started by: zTodd
1 Replies

7. UNIX for Dummies Questions & Answers

Real and Effective IDs

Can anyone explain me in details of Real and Effective IDs (6 Replies)
Discussion started by: kkalyan
6 Replies

LEARN ABOUT DEBIAN

poppassd

POPPASSD(8)															       POPPASSD(8)

NAME

       poppassd - Password change server for Eudora and NUPOP mail clients

DESCRIPTION

       poppassd  runs  from  inetd  and listens on TCP port 106 by default.  Its sole purpose in life is to engage in short FTP-like conversations
       from client applications and execute (or deny) remote password changes via the PAM facilities configured in /etc/pam.d/poppassd.  The  con-
       versation looks something like this:

	      200 poppassd v1.8.4 hello, who are you?
	      user adconrad
	      200 Your password please.
	      pass foo
	      200 Your new password please.
	      newpass bar
	      200 Password changed, thank-you.
	      quit
	      200 Bye.

       As can be seen from the example above, unencrypted passwords are transmitted over the network.  Because of this, it is recommended that you
       use this daemon only for local loopback password changing (for instance, from Perl, Python, or PHP web applications on the same server) and
       block all non-local access to port 106, either via tcpwrappers (/etc/hosts.deny) or with appropriate firewall rules.

       If  sending  unencrypted  passwords  over  the  wire  doesn't  bug  you	terribly much (as in the case of an ISP with hundreds of POP3 mail
       accounts), this daemon can provide a simple way for some of your clients (those running mail clients that actually support  this  protocol)
       to easily change their passwords.

FILES

       /etc/pam.d/poppassd
	      Contains	the  PAM  configuration for poppassd.  By default on Debian, it merely includes the common-auth and common-password files,
	      which should work in most cases.	If this doesn't cut it for your site, tailor to suit.

SEE ALSO

       pam(7), inetd(8), hosts.deny(5)

AUTHOR

       This manual page was written by Adam Conrad <adconrad@0c3.net> for the Debian operating system.

Debian								   19 March 2004						       POPPASSD(8)
All times are GMT -4. The time now is 07:34 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy