passlen(S-osr5)
passlen --
determine minimum password length of an account
Syntax
cc . . . -lprot -lm
#include <sys/types.h>
#include <sys/security.h>
#include <sys/audit.h>
#include <prot.h>
int passlen (life_dur, login_delay, alphabet_size)
time_t life_dur;
time_t login_delay;
int alphabet_size;
Description
The
passlen
routine returns
the minimum password length according to the algorithm in the
DoD Password Management Guideline (Green Book)
given
the password lifetime duration for an account in seconds,
the argument life_dur;
the
login delay between login attempts in seconds,
the argument login_delay;
and the
alphabet_size
of distinct characters.
Two of the parameters used by the
Guideline
are fixed, namely the size of the alphabet at 26 characters (the argument
alphabet_size should always reflect this) and the
probability of guessing a password at 1 chance in a million.
The formula for min_pass_len is:
Return value
The
passlen
routine returns the result of the calculation rounded up to the nearest
integer so as to err on the side of greater security.
passlen
is always successful and therefore no errors are defined.
Note
If the
lifetime duration, the login delay time, or the guess parameter
changes in the Protected Password
database for this account (or for the system default if those values
are used in an account), it is a good idea to invalidate the password
in case the new parameters require a longer minimum password length.
See also
exp(S-osr5),
floor(S-osr5),
passwd(C),
randomword(S-osr5)
DoD Password Management Guideline (Green Book),
CSC-STD-002-85, 12 April 1985.
Standards conformance
The passlen routine
is an extension of AT&T System V provided by the
Santa Cruz Operation.
© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 02 June 2005