OpenVMS Password Policysm

PARSEC's OpenVMS Password Policy software.

PARSEC Group has developed an easy-to-implement, site-specific, password policy for OpenVMS V6.2 and later systems. This allows more control and enforcement of password policies than what is built into OpenVMS. Read Password Policies for more general information about setting up a policy.

Character Sets

The character set used for passwords is divided into four groups of characters. These are:

  • Upper-case characters (A-Z)
  • Lower-case characters (a-z) - Note: available with OpenVMS V7.3-2 and later
  • Numeric characters (0-9)
  • Other characters

Many password policies require the use of multiple characters from each group which makes it tougher for a hacker to guess. Using all groups of characters guarantees that it is not in a dictionary and provides many more combinations of characters for a more secure password. The policy should disallow the use of the username and several other common practices as part of the password. Once a policy has been set up, the operating system should enforce the policy as much as reasonable since some users may not be trusted to follow it and others might forget some details.

Password Policy Features

The PARSEC Group OpenVMS Password Policysm is a flexible module that may be configured using logical names. Basic password policy features include:

  • Minimum number of groups of characters required
    Users may be required to use characters from multiple groups of characters. On versions of OpenVMS which do not support lower-case characters, and for accounts which have not had this feature enabled, lower-case characters will not be required.
  • Minimum number of characters from each group
    Users may be required to use a minimum number of characters from each of the four groups
  • Limit number of repeated characters
    Passwords such as "testing777" may be prevented due to the same character being repeated too many times
  • Limit number of sequenced characters
    Passwords such as "testing123" and "321blastoff" may be prevented due to too many characters in a sequence
  • Prevent use of username
    The username may be prevented from being a portion of the password
  • Prevent use of owner
    The user may be prevented from using any component of the owner field longer than one character as part of the password
  • Prevent use of passwords found in past breaches
    The user may be prevented from using any password which has been found in previous data breaches
  • Minimum password length
    A system-wide minimum password length may be set to prevent an account from being intentionally or unintentionally set with too few characters
Other features include:
  • Maximum Length Checked
    The policy may be set to be enforced within the first portion of the password. For example, a user could specify a 30-character password, but the minimum number of character groups and the minimum number of groups of characters may be required to be present in the first 12 characters.
  • Notification
    The user may be notified about which portions of the policy that is not met by their chosen password. This makes it easier for them to choose a secure password.
  • Hash Value Check
    The hashed value of the password may also be checked. While the user does not directly control this, a weak hashed value can make passwords easier to compromise.
  • Account Exclusion
    Specific accounts may be excluded from enforcement of the policy based on corporate needs.

System Requirements

Requirements: One of the following versions of OpenVMS is required:

  • VSI OpenVMS I64 V8.4-1H1 or later
  • HP OpenVMS I64 V8.2 or later
  • VSI OpenVMS Alpha V8.4-2L1 or later
  • HP OpenVMS Alpha V6.2 or later
  • OpenVMS VAX V6.2 or later

You may download the PCSI kit for the password policy or review the on-line documentation. Right-click on the link and choose "Save link as..." to save the file on your PC and then transfer it to your OpenVMS system for installation using FTP. Before installing, be sure to request a license from PARSEC Group.

If this policy does not meet your needs, please contact us about developing a custom password policy based on your security policy.

Request a Demo License or Additional Information

Contact Submitted

Your information has been sent to PARSEC Group. You should receive a response back within one business day.

Cookie Manager

We use cookies to enhance the features of our web site. We don't set optional cookies unless you enable them. Using this tool sets a cookie on your device to remember your preferences. For more detailed information about the cookies we use, see our Cookies page.

Necessary Cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Preference Cookies

Preference cookies enable this site to remember information that changes the way the website behaves or looks.

Statistics Cookies

Statistic cookies help us to understand how visitors interact with the site by collecting and reporting information anonymously.

Marketing Cookies

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.