HP OpenVMS Systems Documentation

OpenVMS User's Manual



Chapter 2
Getting Started: Interacting with the OpenVMS Operating System

This chapter describes the following basic information that you need to know to interact with the OpenVMS operating system:

  • Logging in to the system
  • Choosing passwords for your account
  • Reading informational messages
  • Types of logins and login classes
  • Login failures
  • Changing passwords
  • Password and account expiration times
  • Guidelines for protecting your password
  • Recognizing system responses
  • Getting help about the system
  • Logging out of the system
  • Logging out without compromising system security

For additional information, refer to:

  • The OpenVMS DCL Dictionary and online help, for complete descriptions of all commands referenced in this chapter
  • The OpenVMS Guide to System Security, for additional information about passwords and OpenVMS security

2.1 Logging In to the System

The way you log in and out of the OpenVMS operating system depends on how the system is set up at your site. This section provides a general description of logging in to and out of the operating system. Check with your system manager for the procedures specific to your site.

You need two pieces of information to log in to the system: a user name and a password. Your system manager usually sets up accounts and gives you a user name and initial password (see Section 2.2.1).

To log in to the system, use the following procedure:

  1. Make sure your terminal is plugged in and the power is turned on.
  2. Press the Return key to signal the system that you want to log in. You might need to press Return several times.
    The system displays a prompt for your user name:

    Username:

  3. Enter your user name and press Return. You have approximately 30 seconds to do this; otherwise, the system "times out." If a timeout occurs, you must start the login procedure again.
    The system displays your user name on the screen as you type it. For example:

    Username: CASEY
    [Return]

    The system prompts you for your password:

    Password:

  4. Enter your password and press Return.
    The system does not display your password, which is sometimes referred to as "no echo."
  5. Depending on how your system manager has set up your account, you might be required to enter a second password or to use an automatically generated password (see Section 2.2.4).

2.1.1 Successful Logins

If your login is successful, the system displays a dollar sign ($) in the left margin of your screen. The dollar sign is the default DCL prompt; it indicates that the system is ready to use.

The following example shows a successful login:


[Return]
Username:  CASEY [Return]
Password:                 [Return]
        Welcome to OpenVMS on node MARS
    Last interactive login on Friday, 11-DEC-1999 08:41
    Last non-interactive login on Thursday, 10-DEC-1999 11:05
$

2.1.2 Login Errors

If you make a mistake entering your user name or password or if your password has expired, the system displays the message User authorization failure and you are not logged in. If you make a mistake, press Return and try again. If your password has expired, you need to change your password; the system will automatically display the Set Password: prompt. See Section 2.6 for information on changing your password in this instance. If you have any other problems logging in, get help from the person who set up your account.

2.2 Choosing Passwords for Your Account

To choose a secure password, use the following guidelines:
  • Include both numbers and letters in the password. Although a 6-character password that contains only letters is fairly secure, a 6-character password with both letters and numbers is much more secure.
  • Choose passwords that contain 6 to 10 characters. Adequate length makes passwords more secure. You can choose a password as long as 32 characters.
  • Do not select passwords from a dictionary or from your native language.
  • Avoid choosing words readily associated with your computer site or yourself, such as the name of a product or the model of your car.
  • Choose new passwords each time. Do not reuse old ones.

Your system manager or security administrator may set up additional restrictions, for example, not allowing passwords with fewer than 10 characters or not allowing repeats of passwords.

The following table provides examples of secure passwords and high-risk passwords (words that others might easily guess):

Secure Passwords        High-Risk Passwords

Nonsense syllables:     Words with a strong personal association:
  aladaskgam              your name
  eojfuvcue               the name of a loved one
  joxtyois                the name of your pet
                          the name of your town
                          the name of your automobile

A mixed string:         A work-related term:
  492_weid                your company name
  $924spa                 a special project
  zu_$rags                your work group name

2.2.1 Obtaining Your Initial Password

Typically, when you learn that an account has been created for you on the system, you are told whether a user password is required. If user passwords are in effect, your system manager will usually assign a specific password for your first login. This password has been placed in the system user authorization file (UAF) with other information about how your account can be used.

It is inadvisable to have passwords that others could easily guess. Ask the person creating the account for you to specify a password that is difficult to guess. If you have no control over the password you are given, you might be given a password that is the same as your first name. If so, change it immediately after you log in. (The use of first or last names as passwords is a practice so well known that it is undesirable from a security standpoint.)

At the time your account is created, you should also be told a minimum length for your password and whether you can choose your new password or whether the system generates the password for you.

2.2.2 Changing Your Initial Password

Log in to your account soon after it is created to change your password. If there is a time lapse from the moment your account is created until your first login, other users might log in to your account successfully, gaining a chance to damage the system. Similarly, if you neglect to change the password or are unable to do so, the system remains vulnerable. Possible damage depends largely on what other security measures are in effect. See Section 2.6 for more information on changing passwords.

2.2.3 Restrictions on Passwords

The system screens passwords for acceptability, as follows:

  • It automatically compares new passwords to a system dictionary. This helps to ensure that a password is not a native language word.
  • It maintains a history list of your old passwords and compares each new password to this list to be sure that you do not reuse a password.
  • It enforces a minimum password length, which the system manager specifies in your UAF record.

The system rejects any password that it finds in a system dictionary, that you have used before, or that is shorter than the minimum password length specified in your UAF.
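The three checks above can be sketched as follows. This is an added illustration, not OpenVMS code: the class name, the small word list, the case-insensitive comparison, and the salted-digest history are all assumptions made for the example.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the system dictionary; a real one holds many thousands of words.
SYSTEM_DICTIONARY = {"password", "welcome", "forest", "willow", "maple"}


def _digest(password, salt):
    # Keep history as salted digests so old passwords are never stored in clear text.
    # Lower-casing makes the comparison case-insensitive (an assumption of this example).
    return hashlib.pbkdf2_hmac("sha256", password.lower().encode(), salt, 100_000)


class PasswordScreen:
    """Hypothetical screen applying the three checks from Section 2.2.3."""

    def __init__(self, min_length):
        self.min_length = min_length   # per-account minimum, as held in the UAF record
        self.salt = os.urandom(16)
        self.history = []              # digests of every password accepted so far

    def reasons_to_reject(self, candidate):
        """Return every rule the candidate breaks; an empty list means acceptable."""
        reasons = []
        if len(candidate) < self.min_length:
            reasons.append("too short")
        if candidate.lower() in SYSTEM_DICTIONARY:
            reasons.append("dictionary word")
        digest = _digest(candidate, self.salt)
        if any(hmac.compare_digest(digest, old) for old in self.history):
            reasons.append("previously used")
        return reasons

    def change_password(self, candidate):
        """Accept the candidate and record it in the history only if it passes all checks."""
        reasons = self.reasons_to_reject(candidate)
        if not reasons:
            self.history.append(_digest(candidate, self.salt))
        return reasons


if __name__ == "__main__":
    screen = PasswordScreen(min_length=8)
    for attempt in ("zu_$rags", "zu_$rags", "maple", "492_weid"):
        print(attempt, "->", screen.change_password(attempt) or "accepted")
```

A password that fails any one check is rejected, and a rejected password is never added to the history list.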

2.2.4 Types of Passwords

There are several types of passwords recognized by the OpenVMS operating system:

  • User password
    Required for most accounts. After entering your user name, you are prompted for a password. If the account requires both primary and secondary passwords, two passwords must be entered.
  • System password
    Controls access to particular terminals and is required at the discretion of the security administrator. System passwords are usually necessary to control access to terminals that might be targets for unauthorized use, such as dialup and public terminal lines.
  • Primary password
    The first of two passwords to be entered for an account requiring both primary and secondary passwords.
  • Secondary password
    The second of two passwords to be entered for an account requiring both primary and secondary passwords. The secondary password provides an additional level of security on user accounts. Typically, the primary user does not know the secondary password; a supervisor or other key person must be present to supply it. For certain applications, the supervisor may also decide to remain present while the account is in use. Thus, secondary passwords facilitate controlled logins and the actions taken after a login.
    Secondary passwords can be time-consuming and inconvenient. They are justified only at sites with maximum security requirements. An example of an account that justifies dual passwords would be one that bypasses normal access controls to permit emergency repair to a database.

2.2.5 Entering a System Password

Your security administrator will tell you if you must specify a system password to log in to one or more of the terminals designated for your use. Ask your security administrator for the current system password, how often it changes, and how to obtain the new system password when it does change.

To specify a system password, do the following:

  1. Press the Return key until the terminal responds with the recognition character, which is commonly a bell.

    [Return]
    <bell>

  2. Enter the system password and press Return:

    [Return]

    There is no prompt and the system does not display the characters you type. If you fail to specify the correct system password, the system does not notify you. (Initially, you might think the system is malfunctioning unless you know that a system password is required at that terminal.) If you do not receive a response from the system, assume that you have entered the wrong password and try again.
  3. When you enter the correct system password, you receive the system announcement message, if there is one, followed by the Username: prompt. For example:

    MAPLE - A member of the Forest Cluster

    Unauthorized Access is Prohibited

    Username:

2.2.6 Entering a Secondary Password

Your security administrator decides whether to require the use of secondary passwords for your account at the time your account is created. When your account requires primary and secondary passwords, you need two passwords to log in. Minimum password length, which the security administrator specifies in your UAF, applies to both passwords.

As with a single password login, the system allots a limited amount of time for the entire login. If you do not enter a secondary password in time, the login period expires.

The following example shows a login that requires primary and secondary passwords:



     WILLOW - A member of the Forest Cluster
         Welcome to OpenVMS on node WILLOW

Username: RWOODS
Password:           [Return]
Password:           [Return]
    Last interactive login on Friday, 11-DEC-1999 10:22
$

2.2.7 Password Requirements for Different Types of Accounts

Four types of user accounts are available on OpenVMS systems:

  • Accounts secured with passwords that you or the security administrator change periodically. This account type is the most common.
  • Accounts that always require passwords but prohibit you from changing the password. By locking the password (setting the LOCKPWD flag in the UAF), the security administrator controls all changes made to the password.
  • Restricted accounts limit your use of the system and sometimes require a password.
  • Open accounts require no password. When you log in to an open account, the system does not prompt you for a password and you do not need to enter one. You can begin entering commands immediately. Because open accounts allow anyone to gain access to the system, they are used only at sites with minimal security requirements.

2.3 Reading Informational Messages

When you log in from a terminal that is directly connected to a computer, the OpenVMS system displays informational system messages, as shown in the following example.


WILLOW - A member of the Forest Cluster                        (1)
        Unlawful Access is Prohibited

Username:  RWOODS
Password:
    You have the following disconnected process:               (2)
Terminal   Process name    Image name
VTA52:     RWOODS          (none)
Connect to above listed process [YES]: NO
         Welcome to OpenVMS on node WILLOW                     (3)
    Last interactive login on Wednesday,  11-DEC-1999 10:20    (4)
    Last non-interactive login on Monday, 30-NOV-1999 17:39    (5)
        2 failures since last successful login                 (6)

          You have 1 new mail message.                         (7)

  $

Note the following about the example:

  1. The announcement message identifies the node (and, if relevant, the OpenVMS Cluster name). It may also warn unauthorized users that unlawful access is prohibited. The system manager or security administrator can control both the appearance and the content of this message.
  2. A disconnected process message informs you that your process was disconnected at some time after your last successful login but is still available. You have the option of reconnecting to the old process, in the state it was in before you were disconnected.
    The system displays the disconnected job message only when the following conditions exist:
    • The terminal where the interruption occurred is set up as a virtual terminal.
    • Your terminal is set up as one that can be disconnected.
    • During a recent session, your connection to the central processing unit (CPU) through that terminal was broken before you logged out.

    In general, the security administrator should allow you to reconnect to a disconnected job because this ability poses no special problems for system security. However, the security administrator can disable this function by changing the setup on terminals and by disabling virtual terminals on the system. (For information on setting up and reconnecting to virtual terminals, refer to the OpenVMS System Manager's Manual.)
  3. A welcome message indicates the version number of the OpenVMS operating system that is running and the name of the node on which you are logged in. The system manager can choose a different message or can suppress the message entirely.
  4. The last successful interactive login message provides the time of the last completed login for a local, dialup, or remote login. (The system does not count logins from a subprocess whose parent was one of these types.)
  5. The last successful noninteractive login message provides the time the last noninteractive (batch or network) login completed.
  6. The login failures message indicates the number of failed login attempts. (An incorrect password is the only source of login failure that is counted.) To attract your attention, a bell rings after the message appears.
  7. The new mail message indicates if you have any unread mail messages.

2.3.1 Suppressing Messages

A security administrator can suppress the announcement and welcome messages, which include node names and operating system identification. Because login procedures differ according to operating system, it is more difficult to log in without this information.

The last login success and failure messages are optional. Your security administrator can enable or disable them as a group. Sites with medium-level or high-level security needs display these messages because they can indicate break-in attempts. In addition, by showing that the system is monitoring logins, these messages can be a deterrent to potential illegal users.
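When a session is captured to a file, the last-login and failure messages can be checked mechanically. The following is an added example, not part of the manual: the function names are hypothetical and the sample text is constructed from the message layout shown in Section 2.3.

```python
import re
from datetime import datetime

# Constructed capture, following the message layout in the Section 2.3 example.
BANNER = """\
         Welcome to OpenVMS on node WILLOW
    Last interactive login on Wednesday,  11-DEC-1999 10:20
    Last non-interactive login on Monday, 30-NOV-1999 17:39
        2 failures since last successful login
"""

LAST_LOGIN = re.compile(
    r"Last (?P<kind>interactive|non-interactive) login on \w+,\s+"
    r"(?P<when>\d{1,2}-[A-Z]{3}-\d{4} \d{2}:\d{2})"
)
FAILURES = re.compile(r"(?P<count>\d+) failures? since last successful login")


def parse_login_messages(banner):
    """Extract the last-login times and the failure count from captured login text."""
    info = {"interactive": None, "non-interactive": None, "failures": 0}
    for m in LAST_LOGIN.finditer(banner):
        info[m.group("kind")] = datetime.strptime(m.group("when"), "%d-%b-%Y %H:%M")
    m = FAILURES.search(banner)
    if m:
        info["failures"] = int(m.group("count"))
    return info


def review(banner, expected_last_interactive):
    """Return the points worth reporting to the security administrator."""
    info = parse_login_messages(banner)
    concerns = []
    if info["failures"]:
        concerns.append(f'{info["failures"]} failed login attempts were recorded')
    # A last-login time the user does not recognize suggests someone else used the account.
    if info["interactive"] and info["interactive"] != expected_last_interactive:
        concerns.append("last interactive login is not a session you remember")
    return concerns


if __name__ == "__main__":
    # The user remembers last logging in on 10-DEC-1999 at 09:00 (constructed value).
    for concern in review(BANNER, datetime(1999, 12, 10, 9, 0)):
        print(concern)
```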

2.3.2 Successful Login Messages

Each time you log in, the system resets the values for the last successful login and the number of login failures. If you access your account interactively and do not specify an incorrect password in your login attempts, you may not see the last successful noninteractive login and login failure messages.

2.4 Types of Logins and Login Classes

Logins can be either interactive or noninteractive. When you log in interactively, you enter a user name and a password. In noninteractive logins, the system performs the identification and authentication for you; you are not prompted for a user name and password.

In addition to interactive and noninteractive logins, the OpenVMS operating system recognizes different classes of logins. How you log in to the system determines the login class to which you belong. Based on your login class, as well as the time of day or day of the week, the system manager controls your access to the system.

2.4.1 Interactive Logins

Interactive logins include the following login classes:

  • Local
    You log in from a terminal connected directly to the central processor or from a terminal server that communicates directly with the central processor.
  • Dialup
    You log in to a terminal that uses a modem and a telephone line to make a connection to the computer system. Depending on the terminal that your system uses, you might need to execute a few additional steps initially. Your site security administrator can give you the necessary details.
  • Remote
    You log in to a node over the network by entering the DCL command SET HOST. For example, to access the remote node HUBBUB, you enter the following command:


    $ SET HOST HUBBUB
    

    If you have access to an account on node HUBBUB, you can log in to that account from your local node. You have access to the facilities on node HUBBUB, but you remain physically connected to your local node.
    For additional information on remote sessions, see Section 2.11.2.

2.4.2 Noninteractive Logins

Noninteractive logins include the following:

  • Network Logins
    The system performs a network login when you initiate a network task on a remote node, such as displaying the contents of a directory or copying files stored in a directory on another node. Both your current system and the remote system must be nodes in the same network. In the file specification, you identify the target node and provide an access control string, which includes your user name and password for the remote node.
    For example, a network login occurs when user GREG, who has an account on remote node PARIS, enters the following command:


    $ DIRECTORY PARIS"GREG 8G4FR93A"::WORK2:[PUBLIC]*.*;*
    

    This command displays a listing of all the files in the public directory on disk WORK2. It also reveals the password 8G4FR93A. A more secure way to perform the same task would be to use a proxy account on node PARIS. For an example of a proxy login, see Section 19.5.3.

  • Batch Logins
    The system performs a batch login when a batch job that you submitted runs. Authorization to build the job is determined at the time the job is submitted. When the system prepares to execute the job, the job controller creates a noninteractive process that logs in to your account. No password is required when the job logs in.
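Because an access control string in the form shown in the network login example carries the password in clear text, command procedures and captured sessions are worth scanning for it. The following is an added example, not part of the manual: the function names and the sample command procedure are constructed, with only the first command taken from the text above.

```python
import re

# node"username password":: is the access control string form shown in Section 2.4.2.
# A quoted string holding a single token (node"username"::) has no password field
# and is not flagged.
ACS_WITH_PASSWORD = re.compile(
    r'(?P<node>[\w$.-]+)"(?P<user>[^"\s]+)[ \t]+(?P<password>[^"\s]+)"::'
)


def find_embedded_passwords(text):
    """Return (line_number, node, user) for each access control string holding a password."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in ACS_WITH_PASSWORD.finditer(line):
            findings.append((lineno, m.group("node"), m.group("user")))
    return findings


def redact(text):
    """Replace the password field so the text can be stored or shared safely."""
    return ACS_WITH_PASSWORD.sub(
        lambda m: f'{m.group("node")}"{m.group("user")} <redacted>"::', text
    )


# Constructed command procedure; the first command is the one from the manual.
SAMPLE = '''$ DIRECTORY PARIS"GREG 8G4FR93A"::WORK2:[PUBLIC]*.*;*
$ COPY PARIS::WORK2:[PUBLIC]NOTES.TXT []
$ DIRECTORY PARIS"GREG"::WORK2:[PUBLIC]*.*;*
$ WRITE SYS$OUTPUT "Copy complete"
'''

if __name__ == "__main__":
    for lineno, node, user in find_embedded_passwords(SAMPLE):
        print(f"line {lineno}: password embedded for {user} on node {node}")
    print(redact(SAMPLE))
```

Only the first line of the sample is reported; the commands that name the node without a password field pass through unchanged.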

