set up password change regularly with certain rules

Mario Vukelic mario.vukelic at
Mon Nov 5 15:05:31 UTC 2007

On Mon, 2007-11-05 at 14:49 +0000, Soo-Hyun Choi wrote:
> I wonder how can I force a user to use complex password set instead of
> simple character combination.

I haven't actually tested it, but "man passwd" says, 

"Then, the password is tested for complexity. As a general guideline,
passwords should consist of 6 to 8 characters including one or more
characters from each of the following sets:
       ·   lower case alphabetics
       ·   digits 0 thru 9
       ·   punctuation marks"

So it looks to me that the default is to enforce complexity. Of course
one should never assume stuff when looking for security.

In any case, in modern linux distros log-in password configuration is
done with the pam package . Look into the config
file /etc/pam.d/common-password and 'man pam_unix'

More information about the ubuntu-users mailing list