Google
 

Trailing-Edge - PDP-10 Archives - decuslib10-13 - pswchk.doc
There is 1 other file named pswchk.doc in the archive. Click here to see a list.


[PSWCHK.DOC %1; 4-Dec-84]

PSWCHK is a program to analyze the TOPS-10 passwords  contained  in  the
system  accounting  file.  The  purpose of the program is to improve the
overall security of the system by finding poorly chosen user  passwords.
Those   users  can  then  be  advised  of  their  error  (see  the  file
PSWCHK.MAI).

The program can be installed in SYS: or a private directory as  desired.
It  begins  execution  by  prompting the user for a command. The command
syntax is the following:

        PSWCHK>outfile=infile/switches....

where the file specifications default to DSK:MONRPT.RPT (for output) and
STD:ACCT.SYS  (for  input).  If only one file is specified and the equal
sign is omitted, it will be the output file. Any or  all  parts  of  the
command  may  be  omitted,  but  if switches are specified, they must be
last.

At startup the program writes its control data to both the terminal  and
the  output  file.  In  addition,  PSWCHK  supports the GALAXY library's
recognition input ("?", "<esc>", etc.) feature.

The switches determine the type of testing done  by  the  program.  Note
that  each of them can be negated with the prefix "NO" (eg, /NOENCRYPT).
Also,  each   switch   supercedes   earlier   switches.   For   example,
"/NONE/WORDS"  would  cause  the  WORDS  comparison  to be selected, but
"/WORDS/NONE" would result in no comparisons being seleted.

ENCRYPT   The passwords are encoded. The encryption  technique  utilized
          is  the  same  as  used by REACT and LOGIN. Because the method
          cannot  be  inverted,  each   potential   password   must   be
          individually encoded and compared against each password stored
          in the accounting file.

ACCNAME   Compare various formats of  the  user's  accounting  name  (as
          given in the accounting file) against the password.

LOGNAME   Compare various formats of the user's login name (as read from
          the  /NAME switch on the LOGIN line of each user's SWITCH.INI,
          if any) against the password.

WORDS     Compare  each  item  in  a  built-in  list  of  poorly  chosen
          passwords against the password.

ALL       Causes all comparisons to be selected (ie,  ACCNAME,  LOGNAME,
          PPN, WORDS).

NONE      Causes no comparisons to be selected.

The program has been  tested  under  TOPS-10  version  7.02  and  GLXLIB
%1(1172).  It  assumes  the  accounting  file is in the standard TOPS-10
ACCT.SYS format,  but  this  and  the  switch  defaults  can  easily  be
modified.

PSWCHK.DOC                                                        Page 2


The following is a sample  terminal  dialog  demonstrating  the  use  of
PSWCHK.

        .r pswchk
        
        PSWCHK>
        
         Password check beginning at  4-Dec-84 11:36:10
         Report file is DSK:PSWCHK.RPT
         Examining file STD:ACCT.SYS
         Switches are:  /ENCRYPT /WORDS /ACCNAME /LOGNAME /PPN
        
         Password check finished at  4-Dec-84 12:28:23
         3 matches found in 1410 accounts
        
        PSWCHK>^C
        
        .type pswchk.rpt
        
         Password check beginning at  4-Dec-84 11:36:10
         Report file is DSK:PSWCHK.RPT
         Examining file STD:ACCT.SYS
         Switches are:  /ENCRYPT /WORDS /ACCNAME /LOGNAME /PPN
        
               PPN          User Name     Type      Password
        
         [123,76543]        J.SMITH       lgnnam    JIM
         [2323,4545]        JONES         lgnnam    AJONES
         [6565,23423]       T.HAZELTON    accnam    HAZEL
        
         Password check finished at  4-Dec-84 12:28:22
         3 matches found in 1410 accounts


Note that the user accepted the default command. This was equivalent  to
typing "DSK:PSWCHK.RPT=STD:ACCT.SYS/ENCRYPT/ALL".