Help for Set Default Password Parameters 

This window lets you set default password parameters.  An account uses these 
defaults unless specifically overridden by settings in the Modify Password 
Parameters window. 

Enter any number from 0 (zero) to 999 for most of the text input fields and 0 
to 80 for the Maximum password length text input field.  Use the mouse or the 
Tab and Shift-Tab keys to move between text input fields.  

Minimum Change Time (weeks) lets you set the minimum number of weeks that a 
password must be used before it can be changed.  A user's password cannot be 
changed until the minimum time has elapsed.  The Minimum Change Time must be 
less than or equal to the Password Expiration Time (weeks) entry.  A value of 
0 (zero) means no minimum change time is set.  

Password Expiration Time (weeks) lets you set the number of weeks from the 
time the password was last changed until it expires and must be changed.  The 
Password Expiration Time must be less than or equal to the Password Lifetime 
(weeks) entry.  A value of 0 (zero) means that no expiration time is set.  

Password Lifetime (weeks) lets you set the number of weeks a password remains 
valid.  When the password's lifetime is over, and an attempt is made to use 
the password, the user's account is locked and the user cannot log onto the 
system until you explicitly unlock the account (using the Unlock Account 
option).  A value of 0 (zero) means that no password lifetime is set.  

Expiration Warning (days) lets you set the number of days the user is given a 
warning before the password expires.  This value applies to all users; it 
cannot be modified for specific users.  A value of 0 (zero) means no 
expiration warning is given.  

Maximum Password Length (chars) lets you set the maximum number of characters 
required in a password.  The actual maximum is system dependent and is stored 
in the AUTH_MAX_PASSWD_LENGTH variable in the /usr/include/prot.h file.  A 
value of 0 (zero) means the password can be any length.  A 12-character 
password is recommended.  

Password Required lets you select whether or not passwords are required.  
Passwords are mandatory at almost all sites, and it is recommended that you 
require passwords.  If an account has no password, anyone knowing an account 
name can log onto the system.  

User Can Choose Own Password lets you select whether or not users select 
their own passwords.  

If System Generates Password is set, then the user is given the option of 
choosing a system-generated password consisting of a "pronounceable" 
non-English word.  Most security-conscious sites require that the system 
generate passwords.  

If you allow users to choose their own passwords and have system-generated 
passwords, the user can set his or her own password or use a system-generated 
password.  

If Random Password of Chars is set, then the user is given the option of 
choosing a system-generated password consisting of syllables and/or random 
characters, including punctuation marks, numbers, and letters.  

If Random Password of Letters is set, then the user is given the option of 
choosing a system-generated password consisting of random letters.

Perform Triviality Checks tells CMW+ to perform traditional UNIX triviality 
checks on passwords.  It is not necessary to do triviality checks if you use 
long, system-generated passwords.  Triviality checks substantially increase 
the time required to change a password.  

You may cancel the window at any time by selecting the "Cancel" button.  
Selecting the "OK" button brings up a confirmation box so that you can 
confirm your actions.
