The Question is:
Which User Ids should we be concerned with changing passwords on to ensure people can not get in and change or alter the data on our VMS System? (i.e. System, fasttrack, dis$manager, systest, tcpip$bind, field, etc.)
Also which ones should not change the passwords on because it would impare operations of VMS?
The Answer is :
Your first concerns involve the privileged usernames and the
non-privilged usernames with (uncontrolled) access (read or
read-write) to your sensitive data.
For information on securing your OpenVMS system, please see the
system security manual, and particularly the "C2" information.
Passwords are the front door, but there are other concerns and
considerations here, including auditing and access controls.
Usernames related to DECnet, FTP, and network services tend to
have specific requirements for password changes, and require
several steps to change. (eg: various DECnet objects can have
the SYSUAF password recorded in the NCP databases, and these
must be kept in synchronization across all cluster members.)