|
HP OpenVMS Systemsask the wizard |
|
The Question is: We have about 25 users who all sign-on as the same user, "Controls," using the same password. I would like to set up individual user names with unique passwords but have all of the specifications that "Controls" has. How do I go about doing this? Can I use a command like, Copy (all of Controls specs to new user, SOSANDSO) instead of using Add and typing all of Controls specs? I would also like to add /Generate_ Password at the end of the command so that the user will have to change the password when they first log on. If you could help me with this or steer me in the right direction, I would be forever grateful. Thanks! The Answer is : The appropriate choices and settings for security attributes are obviously dependent on the value of the information, and on the risk(s) and implication(s) of exposure of the information. To create new users using an existing user as a pattern, use the UAF COPY command, specifying a unique UIC member number for each user, and using the same UIC group as the CONTROLS user. To specify the need for the user to change the password, use the /PWDEXP qualifier. Enabling the password generator will probably not be popular with your users. Leave it reserved it for those users that are unable or unwilling to pick good passwords for themselves. As an incremental improvement to your existing (non)security, I would leave the password user-selectable (not generated), and I would enforce a password length of 10 to 14 characters, and I would also provide constructive password information to the users such as: o do not use the name of your spouse, friend, dog or cat. o do use a dollar sign, underscore, or numeric. o do not use a single word. o do use a phrase or a group of unrelated words. I would encourage you to add entries to the password dictionary that will encourage the use of correct passwords. And I would encourage you to force password changes between once a month and once every six months. Also see the _OpenVMS Guide to System Security_ manual for additional information.
|