Passwords are an important defense against security breaches. User passwords
prevent unauthorized persons from accessing your system. Account passwords
protect the information in an account from users who are not members of the
account. Group passwords allow account users to work in a given group. They
also serve to protect files in the group from users who are not members of it.
Tools for maintaining password security include:
Making user passwords mandatory.
Letting users choose their own passwords.
Making user passwords expire.
Establishing a minimum length for passwords.
If account passwords are created, their use is required for all users. If
group passwords are created, their use is required unless the group is a
user's home group. Individual user passwords may be set as optional or
required. Making individual user passwords required adds another level of
security to the system.
Account level passwords are created and maintained by System Managers. Group
level passwords are created and maintained by Account Managers and System
Managers. User passwords are created and required by System and Account Managers, and
can be changed by users.
 |
| |
|
 | NOTE:
If files are protected by ACDs, only user passwords should be required, and neither account or group passwords, or file lockwords, should be used. |
|
| |
|
Commands Used to Create and Maintain Passwords |
|
System Managers (SM capability) use the commands :NEWACCT, :ALTACCT, and :PURGEACCT to create and maintain accounts. Account passwords can be created at the time an account is created or modified.
Both Account Managers (AM capability) and System Managers use the commands
:NEWGROUP, :ALTGROUP, and :PURGEGROUP to create and maintain
groups. Group passwords can be created at the same time a group is created or
modified.
Both Account and System Managers use the commands :NEWUSER, :ALTUSER, and :PURGEUSER to create and maintain users. User passwords can be created at the time users are created or modified.
