HP OpenVMS Systems Documentation
OpenVMS User's Manual
|1||Make sure your terminal is plugged in and the power is turned on.|
Press the Return key to signal the system that you want to log in. You
might need to press Return several times.
The system displays a prompt for your user name:
Enter your user name and press Return. You have approximately 30
seconds to do this; otherwise, the system "times out." If a
timeout occurs, you must start the login procedure
The system displays your user name on the screen as you type it.
The system prompts you for your password:
Enter your password and press Return.
The system does not display your password, which is sometimes referred to as "no echo."
|5||Depending on how your system manager has set up your account, you might be required to enter a second password or to use an automatically generated password (see Section 2.2.4).|
If your login is successful, the system displays a dollar sign ($) in the left margin of your screen. The dollar sign is the default DCL prompt; it indicates that the system is ready to use.
The following example shows a successful login:
[Return] Username: CASEY [Return] Password: [Return] Welcome to OpenVMS on node MARS Last interactive login on Friday, 11-DEC-1999 08:41 Last non-interactive login on Thursday, 10-DEC-1999 11:05 $
If you make a mistake entering your user name or password or if your password has expired, the system displays the message User authorization failure and you are not logged in. If you make a mistake, press Return and try again. If your password has expired, you need to change your password; the system will automatically display the Set Password: prompt. See Section 2.6 for information on changing your password in this instance. If you have any other problems logging in, get help from the person who set up your account.
2.2 Choosing Passwords for Your Account
To choose a secure password, use the following guidelines:
The following table provides examples of secure passwords and high-risk passwords (words that others might easily guess):
|Secure Passwords||High-Risk Passwords|
Words with a strong personal association:
the name of a loved one
the name of your pet
the name of your town
the name of your automobile
A mixed string:
A work-related term:
your company name
a special project
your work group name
Typically, when you learn that an account has been created for you on the system, you are told whether a user password is required. If user passwords are in effect, your system manager will usually assign a specific password for your first login. This password has been placed in the system user authorization file (UAF) with other information about how your account can be used.
It is inadvisable to have passwords that others could easily guess. Ask the person creating the account for you to specify a password that is difficult to guess. If you have no control over the password you are given, you might be given a password that is the same as your first name. If so, change it immediately after you log in. (The use of first or last names as passwords is a practice so well known that it is undesirable from a security standpoint.)
At the time your account is created, you should also be told a minimum
length for your password and whether you can choose your new password
or whether the system generates the password for you.
2.2.2 Changing Your Initial Password
Log in to your account soon after it is created to change your
password. If there is a time lapse from the moment your account is
created until your first login, other users might log in to your
account successfully, gaining a chance to damage the system. Similarly,
if you neglect to change the password or are unable to do so, the
system remains vulnerable. Possible damage depends largely on what
other security measures are in effect. See Section 2.6 for more
information on changing passwords.
2.2.3 Restrictions on Passwords
The system screens passwords for acceptability, as follows:
The system rejects any passwords that it finds in a system dictionary,
that you have used before, and that are shorter than the minimum
password length specified in your UAF.
2.2.4 Types of Passwords
There are several types of passwords recognized by the OpenVMS operating system:
Your security administrator will tell you if you must specify a system password to log in to one or more of the terminals designated for your use. Ask your security administrator for the current system password, how often it changes, and how to obtain the new system password when it does change.
Press the Return key until the terminal responds with the recognition
character, which is commonly a bell.
Enter the system password and press Return:
There is no prompt and the system does not display the characters you type. If you fail to specify the correct system password, the system does not notify you. (Initially, you might think the system is malfunctioning unless you know that a system password is required at that terminal.) If you do not receive a response from the system, assume that you have entered the wrong password and try again.
When you enter the correct system password, you receive the system
announcement message, if there is one, followed by the Username:
prompt. For example:
MAPLE - A member of the Forest Cluster
Your security administrator decides whether to require the use of secondary passwords for your account at the time your account is created. When your account requires primary and secondary passwords, you need two passwords to log in. Minimum password length, which the security administrator specifies in your UAF, applies to both passwords.
As with a single password login, the system allots a limited amount of time for the entire login. If you do not enter a secondary password in time, the login period expires.
The following example shows a login that requires primary and secondary passwords:
WILLOW - A member of the Forest Cluster Welcome to OpenVMS on node WILLOW Username: RWOODS Password: [Return] Password: [Return] Last interactive login on Friday, 11-DEC-1999 10:22 $
Four types of user accounts are available on OpenVMS systems:
When you log in from a terminal that is directly connected to a computer, the OpenVMS system displays informational system messages, as shown in the following example.
WILLOW - A member of the Forest Cluster (1) Unlawful Access is Prohibited Username: RWOODS Password: You have the following disconnected process: (2) Terminal Process name Image name VTA52: RWOODS (none) Connect to above listed process [YES]: NO Welcome to OpenVMS on node WILLOW (3) Last interactive login on Wednesday, 11-DEC-1999 10:20 (4) Last non-interactive login on Monday, 30-NOV-1999 17:39 (5) 2 failures since last successful login (6) You have 1 new mail message. (7) $
Note the following about the example:
A security administrator can suppress the announcement and welcome messages, which include node names and operating system identification. Because login procedures differ according to operating system, it is more difficult to log in without this information.
The last login success and failure messages are optional. Your security
administrator can enable or disable them as a group. Sites with
medium-level or high-level security needs display these messages
because they can indicate break-in attempts. In addition, by showing
that the system is monitoring logins, these messages can be a deterrent
to potential illegal users.
2.3.2 Successful Login Messages
Each time you log in, the system resets the values for the last
successful login and the number of login failures. If you access your
account interactively and do not specify an incorrect password in your
login attempts, you may not see the last successful noninteractive
login and login failure messages.
2.4 Types of Logins and Login Classes
Logins can be either interactive or noninteractive. When you log in interactively, you enter a user name and a password. In noninteractive logins, the system performs the identification and authentication for you; you are not prompted for a user name and password.
In addition to interactive and noninteractive logins, the OpenVMS
operating system recognizes different classes of logins. How you log in
to the system determines the login class to which you
belong. Based on your login class, as well as the time of day or day of
the week, the system manager controls your access to the system.
2.4.1 Interactive Logins
Interactive logins include the following login classes:
$ SET HOST HUBBUB
Noninteractive logins include the following:
$ DIRECTORY PARIS"GREG 8G4FR93A"::WORK2:[PUBLIC]*.*;*