We have Private as well, and my understanding is that it is not being
significantly enhanced any longer.  Also, Private will age passwords as
a function of time, but I'm not aware that it ages by number of logons
per user.  If I'm incorrect, I ask forgiveness.

Security/3000 from VeSoft ($) and SAFE/3000 from Monterey Software
($$$) are two other excellent security packages which you might
investigate.  SAFE/3000 does *NOT* use logon UDCs but integrates with
the OS via the AIF.  We're still considering moving to the latter
product.

Lee Gunter              [log in to unmask]
HMO Oregon


______________________________ Reply Separator _________________________________
Subject: Re: Security re User Passwords
Author:  Bryan O'Halloran <[log in to unmask]> at ~INTERNET
Date:    10/10/96 1:08 AM


Debbie Blumenthal asked

>A question for all you experts...

>We've been discussing certain security aspects here, specifically
>for the HP3000.  There are (at least) two goals:

>- specify a number of sign-ons (preferrably allowed to set number by
>Userid), after which the user is prompted for a new password.

>- limit number of concurrent sign-ons under same Userid, if possible,
>by time of day (i.e. limit of 10 "USERX" 9am - 4pm)

Private from O.C.S. will perform the above.  It works on using logon UDCs
which is a bit of a problem because incoming FTP users can bypass it.  We
bought it so long ago that I am not sure of the price but I think was in
the expensive end of the market.



Bryan O'Halloran