DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH
 

passlen(S)


passlen -- determine minimum password length of an account

Syntax

cc . . . -lprot -lm

#include <sys/types.h>
#include <sys/security.h>
#include <sys/audit.h>
#include <prot.h>

int passlen (life_dur, login_delay, alphabet_size) time_t life_dur; time_t login_delay; int alphabet_size;

Description

The passlen routine returns the minimum password length according to the algorithm in the DoD Password Management Guideline (Green Book) given the password lifetime duration for an account in seconds, the argument life_dur; the login delay between login attempts in seconds, the argument login_delay; and the alphabet_size of distinct characters. Two of the parameters used by the Guideline are fixed, namely the size of the alphabet at 26 characters (the argument alphabet_size should always reflect this) and the probability of guessing a password at 1 chance in a million.

The formula for min_pass_len is:

Return value

The passlen routine returns the result of the calculation rounded up to the nearest integer so as to err on the side of greater security. passlen is always successful and therefore no errors are defined.

Note

If the lifetime duration, the login delay time, or the guess parameter changes in the Protected Password database for this account (or for the system default if those values are used in an account), it is a good idea to invalidate the password in case the new parameters require a longer minimum password length.

See also

exp(S), floor(S), passwd(C), randomword(S)
DoD Password Management Guideline (Green Book),
CSC-STD-002-85, 12 April 1985.

Standards conformance

The passlen routine is an extension of AT&T System V provided by the Santa Cruz Operation.
© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003