HP OpenVMS Systems

ask the wizard
Content starts here

Password and system security?

» close window

The Question is:

Which User Ids should we be concerned with changing passwords on to ensure people can not get in and change or alter the data on our VMS System?  (i.e. System, fasttrack, dis$manager, systest, tcpip$bind, field, etc.)
Also which ones should not change the passwords on because it would impare operations of VMS?

The Answer is :

  Your first concerns involve the privileged usernames and the
  non-privilged usernames with (uncontrolled) access (read or
  read-write) to your sensitive data.
  For information on securing your OpenVMS system, please see the
  system security manual, and particularly the "C2" information.
  Passwords are the front door, but there are other concerns and
  considerations here, including auditing and access controls.
  Usernames related to DECnet, FTP, and network services tend to
  have specific requirements for password changes, and require
  several steps to change.  (eg: various DECnet objects can have
  the SYSUAF password recorded in the NCP databases, and these
  must be kept in synchronization across all cluster members.)

answer written or last revised on ( 2-MAR-2000 )

» close window