set up password change regularly with certain rules

Soo-Hyun Choi s.choi at hackers.org.uk
Mon Nov 5 15:49:30 UTC 2007


Yes, I was aware that "man passwd" says that. Well, I think PAM could
enforce a user to use more complex character sets for password setting. I
have changed an appropriate PAM files (/etc/pam.d/common-password), so let
me see if it really works.

Thanks for your information.
Soo-Hyun



On 11/5/07, Mario Vukelic <mario.vukelic at dantian.org> wrote:
>
>
> On Mon, 2007-11-05 at 14:49 +0000, Soo-Hyun Choi wrote:
> > I wonder how can I force a user to use complex password set instead of
> > simple character combination.
>
> I haven't actually tested it, but "man passwd" says,
>
> "Then, the password is tested for complexity. As a general guideline,
> passwords should consist of 6 to 8 characters including one or more
> characters from each of the following sets:
>        ·   lower case alphabetics
>        ·   digits 0 thru 9
>        ·   punctuation marks"
>
> So it looks to me that the default is to enforce complexity. Of course
> one should never assume stuff when looking for security.
>
> In any case, in modern linux distros log-in password configuration is
> done with the pam package . Look into the config
> file /etc/pam.d/common-password and 'man pam_unix'
>
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20071105/8be6f00c/attachment.html>


More information about the ubuntu-users mailing list