Change password to blank password

landog · February 25, 2013, 9:35am

AIX 6.1

User has a password set.
It needs to be a blank password (no password).

smit passwd
enter user name
at change password and confirm password, just press ENTER

Afterwards, I could not log on with blank password or with original password.

How can I change the password to a blank password??

Thanks...

MichaelFelt · February 25, 2013, 5:19pm

If the login is failing because you need a passwordless login by a script, and the script is failing - it is probably because the ADMCHG flag is still set.

Note: passwordless is not recommended. Use the following at your own (companies) risk!

michael@x054:[/]pwdadm test0001
Changing password for "test0001"
test0001's New password: 

3004-602 The required password characteristics are:
        a maximum of 8 repeated characters.
        a minimum of 4 characters not found in old password.
        a minimum of 2 alphabetic characters.
        a minimum of 2 non-alphabetic characters.
        a minimum of 8 characters in length.


3004-603 Your password must have:
        a minimum of 4 characters not found in old password.
        a minimum of 2 non-alphabetic characters.
        a minimum of 8 characters in length.
test0001's New password: 
Enter the new password again:
michael@x054:[/]pwdadm -q test0001
test0001: 
        lastupdate = 1361830098
        flags = ADMCHG


michael@x054:[/]grep -p test0001 /etc/security/passwd 
test0001:
        password = {ssha512}06$ssCPpi0nCu7juMBJ$JyZKPfkmLl0Y.7bgLbVQIw1V.flPaptjEiUXWVpbBPC6Khj9kcprkae4Xd9FYqItjaEPY7kA7lULiVeHS4zl..
        lastupdate = 1361830098
        flags = ADMCHG

michael@x054:[/]
michael@x054:[/]pwdadm -f NOCHECK test0001
michael@x054:[/]pwdadm -q test0001
test0001: 
        lastupdate = 1361830098
        flags = NOCHECK

michael@x054:[/]grep -p test0001 /etc/security/passwd
test0001:
        password = {ssha512}06$ssCPpi0nCu7juMBJ$JyZKPfkmLl0Y.7bgLbVQIw1V.flPaptjEiUXWVpbBPC6Khj9kcprkae4Xd9FYqItjaEPY7kA7lULiVeHS4zl..
        lastupdate = 1361830098
        flags = NOCHECK

michael@x054:[/]pwdadm test0001
Changing password for "test0001"
test0001's New password: 
Setting "test0001's" password to NULL.
michael@x054:[/]grep -p test0001 /etc/security/passwd
test0001:
        password =                                                                                                                    
        lastupdate = 1361830487
        flags = NOCHECK,ADMCHG

michael@x054:[/]pwdadm -f NOCHECK test0001           
michael@x054:[/]grep -p test0001 /etc/security/passwd
test0001:
        password =                                                                                                                    
        lastupdate = 1361830487
        flags = NOCHECK       
michael@x054:[/]

In short, you need pwdadm -f NOCHECK username to disable password checks to be sure you can enter a NULL password, and you will need to enter it again so that the ADMCHG (admin change) flag is cleared after you set the NULL password.

Note: You need to be root to perform the grep -p username /etc/security/passwd command

williamen · April 24, 2013, 5:39am

You must reboot your system, and login to bios system aix..

and change that..