1 /ALGORITHM
/ALGORITHM=keyword
Selects a specific password generation algorithm.
The valid keywords for this qualifier are ALPHABETIC and
MIXED_CHARACTER. These keywords are mutually exclusive and cannot
be negated. The /ALGORITHM qualifier requires the /GENERATE qualifier.
Keyword Explanation
ALPHABETIC Selects the alphabetic password generator. (Formerly
the only password generator)
MIXED_CHARACTER Selects the mixed-character password generator.
Mixed-character passwords are valid only for users
with the PwdMix flag set in their user authorization
records.
2 /GENERATE
/GENERATE[=value]
Generates a list of five random passwords. Press Return to repeat
the procedure until a suitable password appears.
There are two password generators, an alphabetic generator and a
mixed-case generator. The alphabetic generator attempts to produce
English-like non-words. The mixed-case generator produces passwords
containing upper case, lower case, numbers and non-white-space symbols.
The mixed-case generator makes no attempt to produce memorable or
easy-to-pronounce passwords.
Accounts without the PwdMix flag set will use the alphabetic generator
by default and those with the PwdMix flag set will use the mixed-
case generator by default. To select a specific generator, use
the /ALGORITHM qualifier.
Value is a number from 1 to 32 that restricts the length of the
password. For any value n, the SET PASSWORD command generates
alphabetic passwords of from n to (n+2) characters long. As a
consequence, values of 30, 31 or 32 are treated as 30 and thus it
is possible that a request for a 31 or 32-character generated
password may result in some passwords shorter than requested.
The mixed-case generator always generates passwords of the
requested length.
If your system manager has established a minimum password length
for your account, SET PASSWORD/GENERATE=n compares that length
with the optional value specified with the /GENERATE qualifier,
and uses the larger of the two values. If you do not specify a
value with the /GENERATE qualifier, the account minimum length is
used.
NOTE
If the SET PASSWORD/GENERATE command fails to work properly,
consult your system manager to be sure that either the file
SYS$LIBRARY:VMS$PASSWORD_DICTIONARY.DATA exists, or the
logical name VMS$PASSWORD_DICTIONARY is correctly defined.
3 /SECONDARY
Creates or allows you to replace a secondary password. The
procedure is the same as setting your primary password.
Once a secondary password has been established, you will receive
two PASSWORD: prompts when logging in. The primary password
should be typed in first, followed by the secondary password.
Secondary passwords make it possible to set up an account that
requires two different people to access it. Each person knows one
of the two passwords, and both passwords are required to log in
successfully.
To remove your secondary password, press Return when SET
PASSWORD/SECONDARY prompts you for a new password and
verification. After you do this, you will receive a single
PASSWORD: prompt when logging in. If you remove the secondary
password, your system manager must restore it.
The /SECONDARY and /SYSTEM qualifiers are incompatible.
4 /SYSTEM
Requires the SECURITY privilege.
Changes the system password rather than a user password.
A system password can be from 0 to 32 alphanumeric characters.
The dollar sign ($) and underscore (_) are also permitted.
Uppercase and lowercase characters are equivalent. All lowercase
characters are converted to uppercase before the password is
encrypted.
A system password is valid only for the node it is set on. In an
OpenVMS Cluster, each node can have a different system password.
If a terminal line has the system password (SYSPWD)
characteristic set, no terminal prompts are sent to that terminal
until the system password is entered.
The /SYSTEM and /SECONDARY qualifiers are incompatible. For more
information about the use of system passwords, see the VSI OpenVMS
Guide to System Security.