Solved

15 Character Passwords on Unix/Solaris.

Posted on 2007-03-27
10
1,478 Views
Last Modified: 2013-12-04
Is there any functionality issues with a 15 character password on UNIX/Solaris machines – or those that communicate with non UNIX/Solaris machines?
0
Comment
Question by:jbowlin
10 Comments
 
LVL 45

Expert Comment

by:Kdo
Comment Utility
Hello jbowlin,

If you're staying within the unix realm, a 15 character password shouldn't be an issue.  (Though that sounds like overkill to me.....)

Some applications, particularly some IBM products, require shorter passwords.


Good Luck,
Kent
0
 
LVL 48

Expert Comment

by:Tintin
Comment Utility
By default Solaris (and most other Unix flavours) will only recognise the first 8 characters of a password.

So if you set your password to

abcdefgh123

You could type in

acbdefgh38udsfkhsfksfu

or

abcdefgh

and your password would be accepted.

You can increase the maximum length of passwords on Solaris =>9 systems to 255 characters, by editing /etc/security/policy.conf and set

CRYPT_ALGORITHMS_ALLOW=1,2a,md5
CRYPT_ALGORITHMS_DEPRECATE=__unix__
CRYPT_DEFAULT=1
0
 
LVL 38

Expert Comment

by:yuzh
Comment Utility
For Solaris you can edit /etc/default/passwd file to have longer password length
PASSLENGTH=x

But keep in mind, many application has a limit to 8 char for
password, eg the old Solstice adm suit for NIS+ etc.
0
 

Author Comment

by:jbowlin
Comment Utility
This is for Solaris 8.
It is a mandated by a Government Agency no choice in the matter.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 48

Expert Comment

by:Tintin
Comment Utility
With Solaris 8, you are stuck with a maximum recognised password length of 8.
0
 
LVL 38

Expert Comment

by:yuzh
Comment Utility
You can set:
PASSLENGTH=15
to require passwords to be a minimum of 15 charts (if you are using /etc/passwd /etc/shadow files) but soem other app
might not like it.  (It can become an app issure, not the OS issue).
0
 
LVL 48

Accepted Solution

by:
Tintin earned 500 total points
Comment Utility
yuzh.

Setting PASSLENGTH to 15 is pretty pointless when the last 7 characters of the password are going to be ignored.
0
 
LVL 14

Expert Comment

by:chris_calabrese
Comment Utility
BTW this was fixed in Solaris 10
0
 
LVL 48

Expert Comment

by:Tintin
Comment Utility
Chris.

Wasn't really "fixed" in Solaris 10.  Solaris =>9 has the option to set MD5 passwords (as used on BSD/Linux) in /etc/security/policy.conf, which has a maximum password length of 255.

Setting PASSLENGTH without changing this setting, still won't make any difference.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now