Subject: Lost passwords
Date: 4/6/90

Question:

I have a client at George Washington University who has just
upgraded from 2.15a to 2.15c. He also changed machines from an AST
386/20 with a WD7000 FASST II controller with one 80MB and one 650MB
drive attached to it to a Triumph 386/33 with a DPT ESDI
controller with a 150MB drive and the WD7000 with the 650MB drive
on it. He installed ok, and restored from a Cypher PC 125 using
Sytos v3.x backup software.

The upgrade and restore went fine. He logged in, and all users,
including Supervisor, now had expired passwords. They were
allowed to change passwords or use a Grace login to get in, but
two users who changed passwords with more chars than the required
minimum were told the passwords were too short. They were able to
get in with a grace login and could use Setpass to make the
change. This system has unique passwords enabled, and when other
users got the message that the new password they'd selected was
already in use and would they like to change it again, said no to
that, the system allowed them in and took away their password
altogether.

This is very weird, and I'd like to know is anyone has
experienced a similar problem with the 2.15c upgrade.

Answer:

Your password problem is due to a bug in previous versions on
2.15.  This is due to the password length not being properly
placed in the bindery.  If the file server has been set up to
check for a minimum password length and is upgraded to 2.15C, all
passwords should be changed.  Once the change has been made the
problem will discontinue.

That's a direct quote from the TIDB TECHNOTES card file.