Logins can be either interactive or noninteractive.
When you log in interactively, you enter an OpenVMS user name and
a password. In noninteractive logins, the system performs the identification
and authentication for you; you are not prompted for a user name and
password. (The term interactive, as used here,
differs from an interactive mode process defined by the DCL lexical
function F$MODE(). For a description of the F$MODE function, see the HP OpenVMS DCL Dictionary.)
In addition to interactive and noninteractive
logins, the OpenVMS operating system recognizes different classes
of logins. How you log in to the system determines the login class to which you belong. Based on your login
class, as well as the time of day or day of the week, the system manager
controls your access to the system.
Logging In Interactively: Local, Dialup, and Remote Logins
Interactive logins include the following login
You log in from a terminal connected directly to the
central processor or from a terminal server that communicates directly
with the central processor.
You log in to a terminal that uses a modem and a telephone
line to make a connection to the computer system. Depending on the
terminal that your system uses, you might need to execute a few additional
steps. Your site security administrator can give you the necessary
You log in to a node over the
network by entering the DCL command SET HOST. For
example, to access the remote node HUBBUB, enter the following command:
If you have access to an account on node HUBBUB,
you can log in to that account from your local node. You have access
to the facilities on node HUBBUB, but you remain physically connected
to your local node.
Logging In Using External Authentication
If you are an externally authenticated user, you log in by entering your external user ID and password
at the OpenVMS login prompts. Your external user ID may or may not
be the same as your OpenVMS user name.
See “Enabling External Authentication” for more information on logging in
with external authentication enabled on your system.
Reading Informational Messages
When you log in from a terminal that is directly
connected to a computer, the OpenVMS system displays informational
system messages. “Local Login Messages” illustrates most of these messages.
Example 3-1 Local Login Messages
WILLOW - A member of the Forest Cluster 
Unlawful Access is Prohibited
You have the following disconnected process: 
Terminal Process name Image name
VTA52: RWOODS (none)
Connect to above listed process [YES]:
Welcome to OpenVMS on node WILLOW 
Last interactive login on Wednesday, 3-DEC-2008 10:20 
Last non-interactive login on Monday, 1-DEC-2008 17:39 
2 failures since last successful login 
You have 1 new mail message. 
The preceding example illustrates the following:
The announcement message
identifies the node (and, if relevant, the cluster). It may also warn
unauthorized users that unlawful access is prohibited. The system
manager or security administrator can control both the appearance
and the content of this message.
A disconnected job message
informs you that your process was disconnected at some time after
your last successful login but is still available. You have the option
of reconnecting to the old process and returning your process to its
state before you were disconnected.
The system displays the disconnected
job message only when the following conditions exist:
The terminal where the
interruption occurred is set up as a virtual terminal.
Your terminal is set up
as one that can be disconnected.
During a recent session,
your connection to the central processing unit (CPU) through that
terminal was broken before you logged out.
In general, the security administrator should allow you
to reconnect to a disconnected job because this ability poses no special
problems for system security. However, the security administrator
can disable this function by changing the setup on terminals and by
disabling virtual terminals on the system.
A welcome message indicates
the version number of the OpenVMS operating system that is running
and the name of the node on which you are logged in. The system manager
can choose a different message or can suppress the message entirely.
The last successful interactive
login message provides the time of the last completed login for a
local, dialup, or remote login. (The system does not count logins
from a subprocess whose parent was one of these types.)
The last successful noninteractive
login message provides the time the last noninteractive (batch or
network) login finished.
The number of login failures
message indicates the number of failed attempts at login. (An incorrect
password is the only source of login failure that is counted.) To
attract your attention, a bell rings after the message appears.
The new mail message indicates
if you have any new mail messages.
A security administrator can suppress the announcement
and welcome messages, which include node names and operating system
identification. Because login procedures differ from system to system,
it is more difficult to log in without this information.
The last login success and failure messages are
optional. Your security administrator can enable or disable them as
a group. Sites with medium-level or high-level security needs display
these messages because they can indicate break-in attempts. In addition,
by showing that the system is monitoring logins, these messages can
be a deterrent to potential illegal users.
Each time you log in, the system resets the values
for the last successful login and the number of login failures. If
you access your account interactively and do not specify an incorrect
password in your login attempts, you may not see the last successful
noninteractive login and login failure messages.
When the System Logs In for You: Network and Batch Logins
Noninteractive logins include network logins and
The system performs a network login when you start
a network task on a remote node, such as displaying the contents of
a directory or copying files stored in a directory on another node.
Both your current system and the remote system must be nodes in the
same network. In the file specification, you identify the target node
and provide an access control string, which includes your user name
and password for the remote node.
For example, a network login occurs when user
Greg, who has an account on remote node PARIS, enters the following
$DIRECTORY PARIS"GREG 8G4FR93A"::WORK2:[PUBLIC]*.*;*
This command displays a listing of all the files
in the public directory on disk WORK2. It also reveals the password
8G4FR93A. A more secure way to perform the same task would be to use
a proxy account on node PARIS. For an example of a proxy login, see “Using Proxy Login Accounts to Protect Passwords”.
The system performs a batch login when a batch
job that you submitted runs. Authorization to build the job is determined
at the time the job is submitted. When the system prepares to execute
the job, the job controller creates a noninteractive process that
logs in to your account. No password is required when the job logs