|
HP OpenVMS Systemsask the wizard |
|
The Question is: Hello ! If I have a user with two passwords (assigned using MOD/PASSW=(PW1,PW2) in the UAF), how do I specify the other password in DCL-commands like: $ DIR 20.34"USER PASSWORD":: The Answer is :
As referenced in the note in the section:
http://www.openvms.compaq.com:8000/
72final/6346/6346pro_014.html#setting_primary_sec_pwds
DECnet connections deliberately do not support secondary passwords.
Also, please see:
http://www.openvms.compaq.com:8000/
72final/6346/6346pro_002.html#password_type_table
The purpose of a secondary password is to support a requirement that
two individual users be present in order to log in. The echoing of
the passwords during entry of a DECnet access control string would
allow each of these two individuals to see each other's password, thus
defeating the security provided by the mechanism. In other words, the
expected approach is to use a single password on any username with one
owner.
The current (documented) password mechanism is relied upon as a security
feature by many sites, and thus this capability is extremely unlikely to
be removed or significantly altered in a future OpenVMS release.
If you do not trust individual users to pick reasonable passwords, please
look at password filters, at user education, and at the system-wide
system password mechanism.
For information on requiring specific characters in passwords, and on
using longer passwords, please see topic (4612). Password- and other
authentication-related topics include (1461), (1475), (1645), (2938),
(3233), (3883), (4303), (4778), (5333), (5508), (6328), and (7818).
Among others.
|