Setting up the system password algorithm

Edit online

A system administrator can use the chsec command to set up the system password algorithm or use an editor such as vi to manually modify the pwd_algorithm attribute in the /etc/security/login.cfg file.

It is recommended that you use the chsec command to set the system password algorithm, as the chsec command automatically checks the definition of the specified LPA.

Using the chsec command

Run the following command to set the smd5 LPA as the system-wide password encryption module:

chsec -f /etc/security/login.cfg -s usw -a pwd_algorithm=smd5

When you use the chsec command to modify the pwd_algorithm attribute, the chsec command checks the /etc/security/pwdalg.cfg file to verify the specified LPA. The chsec command fails if this check fails.

Using an editor

If you use an editor to manually change the pwd_algorithm attribute value in the /etc/security/login.cfg file, ensure that the specified value is the name of a stanza that is defined in the /etc/security/pwdalg.cfg file.