Sybase NNTP forums - End Of Life (EOL)

The NNTP forums from Sybase - forums.sybase.com - are now closed.

All new questions should be directed to the appropriate forum at the SAP Community Network (SCN).

Individual products have links to the respective forums on SCN, or you can go to SCN and search for your product in the search box (upper right corner) to find your specific developer center.

Additional password checks

6 posts in Product Futures Discussion Last posting was on 2002-01-17 20:56:26.0Z
Carl Kayser Posted on 2002-01-10 12:56:19.0Z
From: "Carl Kayser" <kayser_c@bls.gov>
Subject: Additional password checks
Date: Thu, 10 Jan 2002 07:56:19 -0500
Lines: 7
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Message-ID: <iLN9$bdmBHA.297@forums.sybase.com>
Newsgroups: sybase.public.ase.product_futures_discussion
NNTP-Posting-Host: 146.142.35.25
Path: forums-1-dub!forums-master.sybase.com!forums.sybase.com
Xref: forums-1-dub sybase.public.ase.product_futures_discussion:952
Article PK: 95191

Allow for additional configure options: "check password for lower case
character", "check password for upper case character", and "check password
for special character". It might also be desirable to have "check password
for not having a special character" since there can be problems if a user
uses special characters and does not enclose them in quotes.


Bret Halford Posted on 2002-01-10 22:37:35.0Z
Message-ID: <3C3E17AF.12C0F7F9@sybase.com>
Date: Thu, 10 Jan 2002 15:37:35 -0700
From: Bret Halford <bret@sybase.com>
Organization: Sybase, Inc.
X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U)
X-Accept-Language: en
MIME-Version: 1.0
Subject: Re: Additional password checks
References: <iLN9$bdmBHA.297@forums.sybase.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Newsgroups: sybase.public.ase.product_futures_discussion
Lines: 22
NNTP-Posting-Host: 157.133.80.180
Path: forums-1-dub!forums-master.sybase.com!forums.sybase.com
Xref: forums-1-dub sybase.public.ase.product_futures_discussion:947
Article PK: 95188


Carl Kayser wrote:

> Allow for additional configure options: "check password for lower case
> character", "check password for upper case character", and "check password
> for special character". It might also be desirable to have "check password
> for not having a special character" since there can be problems if a user
> uses special characters and does not enclose them in quotes.

Rather than add any number of configuration parameters ("but I want to
be able to force users to have *two* digits in their password"), I would
prefer to see
a general method for creating arbitrary user-defined rules that ASE would
enforce when
passwords are created. One can, of course, currently modify sp_password
to include any rules or checks desired, but it is possible to bypass
sp_password
entirely, so that isn't a robust solution.

-bret


Roger Broadbent Posted on 2002-01-15 11:15:54.0Z
From: "Roger Broadbent" <RBroadbent@wilco-int.com>
References: <iLN9$bdmBHA.297@forums.sybase.com> <3C3E17AF.12C0F7F9@sybase.com>
Subject: Re: Additional password checks
Date: Tue, 15 Jan 2002 11:15:54 -0000
Lines: 40
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 5.00.2314.1300
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
Message-ID: <Is12FbbnBHA.245@forums.sybase.com>
Newsgroups: sybase.public.ase.product_futures_discussion
NNTP-Posting-Host: wilcohost-180.wilco-int.com 212.36.174.180
Path: forums-1-dub!forums-master.sybase.com!forums.sybase.com
Xref: forums-1-dub sybase.public.ase.product_futures_discussion:930
Article PK: 95168

I suppose what is required is effectively a validation trigger on syslogins
that calls a user-defineable stored procedure. I've never tried to add
triggers to system tables - is this possible for mere mortals?

--
Roger Broadbent
Technical Consultant
Wilco International Ltd

Bret Halford <bret@sybase.com> wrote in message
news:3C3E17AF.12C0F7F9@sybase.com...
>
>
> Carl Kayser wrote:
>
> > Allow for additional configure options: "check password for lower case
> > character", "check password for upper case character", and "check
password
> > for special character". It might also be desirable to have "check
password
> > for not having a special character" since there can be problems if a
user
> > uses special characters and does not enclose them in quotes.
>
> Rather than add any number of configuration parameters ("but I want to
> be able to force users to have *two* digits in their password"), I would
> prefer to see
> a general method for creating arbitrary user-defined rules that ASE would
> enforce when
> passwords are created. One can, of course, currently modify sp_password
> to include any rules or checks desired, but it is possible to bypass
> sp_password
> entirely, so that isn't a robust solution.
>
> -bret
>
>


Bret Halford Posted on 2002-01-15 17:02:00.0Z
Message-ID: <3C446088.9B948F79@sybase.com>
Date: Tue, 15 Jan 2002 10:02:00 -0700
From: Bret Halford <bret@sybase.com>
Organization: Sybase, Inc.
X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U)
X-Accept-Language: en
MIME-Version: 1.0
Subject: Re: Additional password checks
References: <iLN9$bdmBHA.297@forums.sybase.com> <3C3E17AF.12C0F7F9@sybase.com> <Is12FbbnBHA.245@forums.sybase.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Newsgroups: sybase.public.ase.product_futures_discussion
Lines: 46
NNTP-Posting-Host: 130.214.8.46
Path: forums-1-dub!forums-master.sybase.com!forums.sybase.com
Xref: forums-1-dub sybase.public.ase.product_futures_discussion:927
Article PK: 94454

No, adding triggers to system tables currently isn't possible at all.
And I dont' think it would help here - the password is already encrypted by the

time it hits syslogins, and so the trigger really can't check it.

What is needed is more of a hook into the built-in function set_password()
(which is the guts of sp_password) to allow the SSO to specify an arbitrary
filter that
would check all new passwords.

-bret

Roger Broadbent wrote:

> I suppose what is required is effectively a validation trigger on syslogins
> that calls a user-defineable stored procedure. I've never tried to add
> triggers to system tables - is this possible for mere mortals?
>
> --
> Roger Broadbent
> Technical Consultant
> Wilco International Ltd
>
> Bret Halford <bret@sybase.com> wrote in message
> news:3C3E17AF.12C0F7F9@sybase.com...
> >
> >
> > Carl Kayser wrote:
> >
> > > Allow for additional configure options: "check password for lower case
> > > character", "check password for upper case character", and "check
> password
> > > for special character". It might also be desirable to have "check
> password
> > > for not having a special character" since there can be problems if a
> user
> > > uses special characters and does not enclose them in quotes.
> >
> > Rather than add any number of configuration parameters ("but I want to
> > be able to force users to have *two* digits in their password"), I would
> > prefer to see
> > a general method for creating arbitrary user-defined rules that ASE would
> > enforce when
> > passwords are created. One can, of course, currently modify sp_password
> > to include any rules or checks desired, but it is possible to bypass
> > sp_password
> > entirely, so that isn't a robust solution.
> >
> > -bret
> >
> >


Rob Verschoor Posted on 2002-01-15 18:44:39.0Z
Reply-To: "Rob Verschoor" <rob@sypron.nl>
From: "Rob Verschoor" <rob@sypron.nl>
References: <iLN9$bdmBHA.297@forums.sybase.com> <3C3E17AF.12C0F7F9@sybase.com> <Is12FbbnBHA.245@forums.sybase.com> <3C446088.9B948F79@sybase.com>
Subject: Re: Additional password checks
Date: Tue, 15 Jan 2002 19:44:39 +0100
Lines: 20
Organization: Sypron B.V.
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 5.00.2919.6600
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600
Message-ID: <tSTofZfnBHA.266@forums.sybase.com>
Newsgroups: sybase.public.ase.product_futures_discussion
NNTP-Posting-Host: p0305.spl.euronet.nl 194.134.112.49
Path: forums-1-dub!forums-master.sybase.com!forums.sybase.com
Xref: forums-1-dub sybase.public.ase.product_futures_discussion:925
Article PK: 94451

"Bret Halford" <bret@sybase.com> wrote in message
news:3C446088.9B948F79@sybase.com...
[...]

> What is needed is more of a hook into the built-in function
set_password()
> (which is the guts of sp_password) to allow the SSO to specify an
arbitrary
> filter that would check all new passwords.

Indeed. Something along the lines of an access rule (new feature in
12.5) might do the job. This could do some pattern matching to ensure
a variety of conditions, such as requiring at least one uppercase, one
lowercase and two numeric characters (just an example).

Rob V.
>
> -bret
>


Niles Posted on 2002-01-17 20:56:26.0Z
From: "Niles" <nilesh_ngw@yahoo.com>
References: <iLN9$bdmBHA.297@forums.sybase.com> <3C3E17AF.12C0F7F9@sybase.com> <Is12FbbnBHA.245@forums.sybase.com> <3C446088.9B948F79@sybase.com> <tSTofZfnBHA.266@forums.sybase.com>
Subject: Re: Additional password checks
Date: Thu, 17 Jan 2002 15:56:26 -0500
Lines: 27
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-ID: <087Wmi5nBHA.374@forums.sybase.com>
Newsgroups: sybase.public.ase.product_futures_discussion
NNTP-Posting-Host: 198.143.16.242
Path: forums-1-dub!forums-master.sybase.com!forums.sybase.com
Xref: forums-1-dub sybase.public.ase.product_futures_discussion:919
Article PK: 94458

as such we can modify the sp_password..to add more checks for password

"Rob Verschoor" <rob@sypron.nl> wrote in message
news:tSTofZfnBHA.266@forums.sybase.com...
> "Bret Halford" <bret@sybase.com> wrote in message
> news:3C446088.9B948F79@sybase.com...
> [...]
> > What is needed is more of a hook into the built-in function
> set_password()
> > (which is the guts of sp_password) to allow the SSO to specify an
> arbitrary
> > filter that would check all new passwords.
>
> Indeed. Something along the lines of an access rule (new feature in
> 12.5) might do the job. This could do some pattern matching to ensure
> a variety of conditions, such as requiring at least one uppercase, one
> lowercase and two numeric characters (just an example).
>
> Rob V.
> >
> > -bret
> >
>
>