home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.sys.sun.admin
- Path: sparky!uunet!paladin.american.edu!gatech!darwin.sura.net!news.duc.auburn.edu!netman!elling
- From: elling@eng.auburn.edu (Richard Elling)
- Subject: Re: How to hack passwd or login
- Message-ID: <1992Dec22.194111.18155@news.duc.auburn.edu>
- Sender: usenet@news.duc.auburn.edu (News Account)
- Nntp-Posting-Host: netman.eng.auburn.edu
- Reply-To: elling@eng.auburn.edu
- Organization: Auburn University Engineering
- References: <1992Dec22.183943.19120@cbnewsi.cb.att.com>
- Date: Tue, 22 Dec 1992 19:41:11 GMT
- Lines: 24
-
- In article 19120@cbnewsi.cb.att.com, ft@cbnewsi.cb.att.com (frederick.d.true) writes:
- >Is the source for Sun's version of passwd available somewhere, so that
- >I might add routines for password robustness?
-
- Solaris 2.x has a more robust passwd program. The scheme it uses is
- to require at least 6 characters, at least 2 alpabetic characters,
- and at least one numeric or special character. Furthermore it must
- be different than the login name or any reverse or circular shift of
- the login name. Lastly, it must differ from the previous password
- by at least 3 characters. For comparison, the alphabetic characters
- are considered case insensitive.
-
- If a user has no password, they must provide one the first time they
- login.
-
- Note that there is no dictionary check. This might not be such a
- problem though since they require a numeric or special character.
-
- ---
- Richard Elling Manager of Network Support
- Auburn University Engineering Administration
- richard.elling@eng.auburn.edu KB4HB [44.100.0.72] (205)844-2280
- Type-5 keyboard survival: xmodmap -e "keysym BackSpace = Delete"
-
-
