HP-NonStop Security

Secure your HP-NonStop system with security software and privileged system products and tools from

GreenHouse Software & Consulting

TrashPW
 
Title: TrashPW Version: 303
  Last Change: 21.10.2010 11:34
Author: Carl Weber Mail: carl.weber[by]greenhouse[to]de
 
Short Description: Trashes a GUARDIAN or Alias users password
 
Description:

Version 303, 21Oct2010
Password generation enhanced.

Version 302, 19Oct2010
SAFEGUARD password quality attributes are taken into account now.

To control functional users it is necessary, to

- individualize access to functions
- prohibit the logon to functions via passwords 'from scratch'
- enforce the use of command level security type controls

To really prevent the logon to an ID, the password of that ID has to
be trashed, not simply changed. A password change, performed by a person,
always has the disadvantage that the changing person might remember the
password it typed in.

TrashPW solves this dilemma.
TrashPW really trashes the password of a given GUARDIAN or Alias user ID.

The logic is as follows:

  1. SUPER.SUPER is allowed to trash the password of
    - any GUARDIAN user
    - any Alias user
    - his own
  2. Group managers are allowed to trash the password of
    - any GUARDIAN user, being a member of the group
    - any Alias user, being mapped to the group
    - his own
  3. An individual GUARDIAN or Alias user can trash his own password.

To prevent an easy trash, TrashPW asks the user two time if he really wants to trash a password.
Once a password is trashed, there is NO WAY to logon to that user by using a password.

Filename: pdf TrashPW.pdf Filesize: 39 KB
Filename: zip TrashPW.zip Filesize: 132 KB

Back