From Wiki-UX.info

Wiki-UX / How to generate new User Passwords to enforce Security Policies
Jump to: navigation, search

How to generate new User Passwords to enforce Security Policies

Abstract

The following article explains how to delete the user's password and return a random password that the user must later supply to the login process to login and pick a new password on a Trusted System.

This may be required when new password policies must needs to be enforced. Is common to reset the users password and request that a new one is chose on next login.

Contents


Procedure

1. Create a list of the logins which passwords will be generated. This can be done manually or based on the current /etc/passwd file. For example:

# awk -F":" '{print $1}' /etc/passwd > /tmp/logins
# cat /tmp/logins
charles
izurieta
...

2. Edit the /etc/passwd file and remove the standard HP-UX system accounts, including root. Many of this accounts not even have passwords defined.

3. Use the modprpw -x command to create a new password for each account. The following script can be used to set the passwords for all the logins in the /tmp/logins file. The new passwords are store at /tmp/modprpw.stdout file.

> /tmp/modprpw.stdout
 
for login in $(cat /tmp/logins)
do
printf "%-20s\t" $login >> /tmp/modprpw.stdout
/usr/lbin/modprpw -x $login >> /tmp/modprpw.stdout
done

3. Check the new passwords for the users. For example:

# cat /tmp/modprpw.stdout
izurieta                passwd=diwitvap
charles                 passwd=geildani

Reference

Authors

This page was last modified on 21 October 2009, at 15:44. This page has been accessed 1,468 times.