Trashes a GUARDIAN or Alias users password

Version 400, 13Nov2018
Support of up to 64 long Passwords.
Introduction of new Password Generator.

Version 303, 21Oct2010
Password generation enhanced.

Version 302, 19Oct2010
SAFEGUARD password quality attributes are taken into account now.

To control functional users it is necessary, to

- individualize access to functions
- prohibit the logon to functions via passwords 'from scratch'
- enforce the use of command level security type controls

To really prevent the logon to an ID, the password of that ID has to
be trashed, not simply changed. A password change, performed by a person,
always has the disadvantage that the changing person might remember the
password it typed in.

TrashPW solves this dilemma.
TrashPW really trashes the password of a given GUARDIAN or Alias user ID.

The logic is as follows:

  1. SUPER.SUPER is allowed to trash the password of
    - any GUARDIAN user
    - any Alias user
    - his own
  2. Group managers are allowed to trash the password of
    - any GUARDIAN user, being a member of the group
    - any Alias user, being mapped to the group
    - his own
  3. An individual GUARDIAN or Alias user can trash his own password.

To prevent an easy trash, TrashPW asks the user two time if he really wants to trash a password.
Once a password is trashed, there is NO WAY to logon to that user by using a password.

HPE-NonStop Security

Secure your HPE-NonStop system with security software and privileged system products and tools from GreenHouse