Originally posted by: help4u

Hai,

Can you pl tell how to set miniumum uppercase and lowercase in password policy.
#AIX-Forum

Originally posted by: SystemAdmin

On AIX, you can do additional testing for inadequate passwords using the pwdchecks sentence for the default user in /etc/security/user;
e.g.

pwdchecks = /etc/security/pwdrestrict

You will have to write your own password checking program, but this isn't too difficult.
#AIX-Forum

Originally posted by: Casey_B

Although you can't check for specifically uppercase and lowercase, in the same file /etc/security/user,
you can set checks for minalpha, minother, minlen.

That might be a good interim solution until you finish a more permanent solution.

Hope this helps

Casey
#AIX-Forum

Originally posted by: help4u

Hai George,

I appreciate your reply, pl provide the password program for reference.

I am not strang in script and program.
#AIX-Forum

Originally posted by: SystemAdmin

Hi,

The enclosed pwdrestrict.c checks that:

1. login is not same as password;
2. password is not same as previous password;
3. password contains at least one lower-case, upper-case, and digit character.

We don't actually use the third check; added for you. You can further modify the requirements to suit your site. Compile details are in the comments.

You can store the pwdrestrict executable in /usr/lib and change the default user to:
pwdchecks = pwdrestrict
or store it in /etc/security and change the default user to:
pwdchecks = /etc/security/pwdrestrict

Regards,

George
#AIX-Forum