Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Setting password complexity
Operating Systems Linux SuSE Setting password complexity Post 302834315 by DGPickett on Thursday 18th of July 2013 05:07:02 PM
Old 07-18-2013
I am only a Googling expert, but: PAM, pam_tally, and locking out users after 3 failed login attempts in RHEL5

And Linux Password Security with pam_cracklib

And even stronger: Linux password strength, pam_cracklib, and Nessus compliance

That leads to: passwdqc - password/passphrase strength checking and policy enforcement toolset for your servers and software

I like 8 byte min with 1 each of lc, uc, num, special (need to prevent any? :? "? '?).
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Help in setting up password without Interaction.

Can anybody tell me how can I create an account without having to enter the password after editing the vipw file. I mean the system should automatically take care of the password encryption in the shadow file and I don't to enter the password again and the Account should be ready to go. ... (3 Replies)
Discussion started by: syedifti
3 Replies

2. UNIX for Dummies Questions & Answers

Setting password restrictions for all users

I would like to change the password requirements for all our AIX 5.2 logins but am having trouble finding a place where I can set the rules for everyone at the same time. I know I can go user by user in smit passwords but is there a way to create rules for everyone at the same time? Thanks,... (2 Replies)
Discussion started by: drathbone
2 Replies

3. Solaris

password complexity check

Hi, I am looking for a simple way to : - force the user to change his password following the first connexion - check the complexity of a password (password should has a least 8 characters with 1 special char and 1 alpha...). Thinks for your help (1 Reply)
Discussion started by: dbsora
1 Replies

4. Solaris

Password Setting

Hi: Could I set the: - Login Time-out Interval - Password History Count - Lockout Duration - Lockout Threshold for user account in Sun Solaris 5.8. Thanks for your help (6 Replies)
Discussion started by: mlsun
6 Replies

5. UNIX for Advanced & Expert Users

setting password in ldap

Hi, I have installed open ldap according to the order from this video: YouTube - bowendenning's Channel sudo apt-get install slapd sudo apt-get install ldap-utils sudo apt-get install phpldapadmin The installaion was good. However it did NOT ask from me any password. After I enter to... (0 Replies)
Discussion started by: programAngel
0 Replies

6. AIX

Setting up Password Security in AIX 5.3

In AIX 5.3 tech level 11: I want to setup a default password policy to have at least one of each of the following: alpha character, numeric character, and "special" character ("!", "&", etc). The smitty Security and Users --> Passwords --> System Password Policy screen only offers "MIN... (2 Replies)
Discussion started by: kikwit_phil
2 Replies

7. Solaris

default password setting

Can anyone kindly explain to me the meaning of the default values of the code below please? Thank you very much #MINDIFF=3 #MINALPHA=2 #MINNONALPHA=1 #MINUPPER=0 #MINLOWER=0 #MAXREPEATS=0 #MINSPECIAL=0 #MINDIGIT=0 #WHITESPACE=YES (1 Reply)
Discussion started by: cjashu
1 Replies

8. Solaris

Problems setting password.

Hi All, I have a problem setting the password when I have to create a user and password as detailed below. username : gaacj01 password : oshopp01 username : gaacj02 password : oshopp02 username : gaacj03 password : oshopp03 username : gaacj04 password : oshopp04 username : gaacj05 ... (17 Replies)
Discussion started by: kittigolf
17 Replies

9. HP-UX

Password compliance setting

I need to set password compliance for some servers in my company. However, the requirements are that we need to set different password policies for 3 different user groups within the company. These are : System Users: i.e root, etc Batch/Application Users: oracle, bscs, etc Standard User:... (0 Replies)
Discussion started by: anaigini45
0 Replies

10. Solaris

Solaris 10 - password complexity not working

I have been trying to enable password complexity variables on Solaris 10 by editing the /etc/default/passwd file but none of my changes are taking effect (I'm still able to set passwords that violate the rules I am trying to implement). I've tried an O/S reboot after the changes but that had no... (6 Replies)
Discussion started by: triggerhippie
6 Replies

LEARN ABOUT LINUX

pam_pwhistory

PAM_PWHISTORY(8)						 Linux-PAM Manual						  PAM_PWHISTORY(8)

NAME

       pam_pwhistory - PAM module to remember last passwords

SYNOPSIS

       pam_pwhistory.so [debug] [use_authtok] [enforce_for_root] [remember=N] [retry=N] [authtok_type=STRING]

DESCRIPTION

       This module saves the last passwords for each user in order to force password change history and keep the user from alternating between the
       same password too frequently.

       This module does not work together with kerberos. In general, it does not make much sense to use this module in conjunction with NIS or
       LDAP, since the old passwords are stored on the local machine and are not available on another machine for password history checking.

OPTIONS

       debug
	   Turns on debugging via syslog(3).

       use_authtok
	   When password changing enforce the module to use the new password provided by a previously stacked password module (this is used in the
	   example of the stacking of the pam_cracklib module documented below).

       enforce_for_root
	   If this option is set, the check is enforced for root, too.

       remember=N
	   The last N passwords for each user are saved in /etc/security/opasswd. The default is 10.

       retry=N
	   Prompt user at most N times before returning with error. The default is 1.

       authtok_type=STRING
	   See pam_get_authtok(3) for more details.

MODULE TYPES PROVIDED

       Only the password module type is provided.

RETURN VALUES

       PAM_AUTHTOK_ERR
	   No new password was entered, the user aborted password change or new password couldn't be set.

       PAM_IGNORE
	   Password history was disabled.

       PAM_MAXTRIES
	   Password was rejected too often.

       PAM_USER_UNKNOWN
	   User is not known to system.

EXAMPLES

       An example password section would be:

	   #%PAM-1.0
	   password	required       pam_pwhistory.so
	   password	required       pam_unix.so	  use_authtok

       In combination with pam_cracklib:

	   #%PAM-1.0
	   password	required       pam_cracklib.so	  retry=3
	   password	required       pam_pwhistory.so   use_authtok
	   password	required       pam_unix.so	  use_authtok

FILES

       /etc/security/opasswd
	   File with password history

SEE ALSO

       pam.conf(5), pam.d(5), pam(8) pam_get_authtok(3)

AUTHOR

       pam_pwhistory was written by Thorsten Kukuk <kukuk@thkukuk.de>

Linux-PAM Manual						    06/04/2011							  PAM_PWHISTORY(8)
All times are GMT -4. The time now is 10:48 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy