Changes a password or system password. Also, can establish a secondary password or system password, or remove a secondary password. A user password can contain up to 32 alphanumeric and special characters. Unless your system manager has set the PWDMIX flag in your authorization account record, the only special characters permitted are the dollar sign ($) and underscore (_). Without the PWDMIX authorization, all lowercase characters are converted to uppercase before the password is encrypted. For example, "eagle" is the same as "EAGLE." If you have PWDMIX authorization, you can specify uppercase and lowercase alphabetic characters, and you can use any special characters in the printable character set. However, avoid using characters that have special significance for layered products that accept passwords. For example, a double quotation mark (") would be unacceptable in a password in a DECnet access control string. See the qualifier descriptions for restrictions. Format SET PASSWORD
1 – Qualifiers
1.1 /GENERATE
/GENERATE[=value] Generates a list of five random passwords. Press Return to repeat the procedure until a suitable password appears. Value is a number from 1 to 10 that restricts the length of the password. For any value n, the SET PASSWORD command generates passwords of from n to (n+2) characters long. If no value is specified, SET PASSWORD uses a default value of 6, and generates passwords from 6 to 8 characters long. Values greater than 10 are not accepted and produce errors. If your system manager has established a minimum password length for your account, SET PASSWORD/GENERATE=n compares that length with the optional value specified with the /GENERATE qualifier, and uses the larger of the two values. If you do not specify a value with the /GENERATE qualifier, the account minimum length is used. NOTE If the SET PASSWORD/GENERATE command fails to work properly, consult your system manager to be sure that either the file SYS$LIBRARY:VMS$PASSWORD_DICTIONARY.DATA exists, or the logical name VMS$PASSWORD_DICTIONARY is correctly defined.
1.2 /SECONDARY
Creates or allows you to replace a secondary password. The procedure is the same as setting your primary password. Once a secondary password has been established, you will receive two PASSWORD: prompts when logging in. The primary password should be typed in first, followed by the secondary password. Secondary passwords make it possible to set up an account that requires two different people to access it. Each person knows one of the two passwords, and both passwords are required to log in successfully. To remove your secondary password, press Return when SET PASSWORD/SECONDARY prompts you for a new password and verification. After you do this, you will receive a single PASSWORD: prompt when logging in. If you remove the secondary password, your system manager must restore it. The /SECONDARY and /SYSTEM qualifiers are incompatible.
1.3 /SYSTEM
Requires the SECURITY privilege. Changes the system password rather than a user password. A system password can be from 0 to 32 alphanumeric characters. The dollar sign ($) and underscore (_) are also permitted. Uppercase and lowercase characters are equivalent. All lowercase characters are converted to uppercase before the password is encrypted. A system password is valid only for the node it is set on. In an OpenVMS Cluster, each node can have a different system password. If a terminal line has the system password (SYSPWD) characteristic set, no terminal prompts are sent to that terminal until the system password is entered. The /SYSTEM and /SECONDARY qualifiers are incompatible. For more information about the use of system passwords, see the VSI OpenVMS Guide to System Security.
2 – Example
$ SET PASSWORD Old password: HONCHO New password: BIG_ENCHILADA Verification: BIG_ENCHILADA In response to the SET PASSWORD command, the system first prompts for the old password and then for the new password. The system then prompts again for the new password to verify it. The password changes if the user is authorized to change this account's password, if the old password is given correctly, and if the new password is given identically twice; otherwise, an error message appears and the password remains unchanged. In a real session, neither the old password nor the new password and its verification appear on the screen or paper.