Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Password Policy
Operating Systems AIX Password Policy Post 302911226 by in2nix4life on Wednesday 30th of July 2014 02:50:32 PM
Old 07-30-2014
Here's a hack that may help.

TEST
As root, create a file, let's call it pdictlst, and make sure only root has read\write permissions.

Add a user's username to the file and save it.

Use the chuser command to set the password dictionary for that user to this file:

Code:
chuser dictionlist=/path/to/pdictlst username

As that user, attempt to change the password to the username. You should receive an error:

Code:
Passwords must not match words in the dictionary.

IMPLEMENTATION
To enable this system-wide, make a copy of the default dictionary file /usr/share/dict/words. Add all the usernames to this file, then run the following command:

Code:
chuser dictionlist=/path/to/words

Now the dictionary password check will check both dictionary words and usernames. If the words file is not installed, I believe it is in the bos.data fileset.

Hope this helps.
 

10 More Discussions You Might Find Interesting

1. UNIX and Linux Applications

Need openLDAP + Password policy guide

Hi all of you.............. I am using openldap on ubuntu server . i want to apply password policy for user's to set password length , expire date , ......etc. can anybody guide me to configure this. (1 Reply)
Discussion started by: jagnikam
1 Replies

2. Solaris

Password policy problem ??

Hi Solaris's expert I need to change user password on Solaris10 2 servers. With the same password I can change it just only one. Try to check everything but not found difference?? password pattern: abcdeFgh9Jk server1 check all characters but server2 check only first 8 characters.Why??... (10 Replies)
Discussion started by: arm_naja
10 Replies

3. Red Hat

Shadow file password policy

Today i was going through some of security guides written on linux . Under shadow file security following points were mentioned. 1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters. 2)Usernames in shadow file must satisfy to all the same rules as... (14 Replies)
Discussion started by: pinga123
14 Replies

4. Red Hat

NIS password policy

Hi, I am running NIS server on redhat linux 5 and I want to implement password restrictions for the yppasswd, how can I do it.Please help me. I can implement password restriction for passwd by configuring /etc/pam.d/system-auth and setting crack_lib.so but I don't know how to implent the same... (3 Replies)
Discussion started by: ktrimu
3 Replies

5. Solaris

password policy for new user

hi folk, i try to setup a new password policy for our solaris box user, below are the /etc/default/passwd/, but then when i tried to create a user, it didn't ask for numeric character, and the new password also didn't ask for special characters. # useradd testing # passwd testing New... (7 Replies)
Discussion started by: dehetoxic
7 Replies

6. Ubuntu

User and Password Policy

Hi linux expert, i would like to create a script for listing all user with there password policy. It should be in the following format: Last password change : Sep 19, 2011 Password expires : never Password inactive : never Account... (2 Replies)
Discussion started by: yprudent
2 Replies

7. Red Hat

Password Policy description

Hi Experts, i would like to know the description of the following: Minimum: 0 Maximum: 90 Warning: 7 Inactive: -1 Last Change: Never Password Expires: Never Password Inactive: Never Account Expires: Never Does this means that... (2 Replies)
Discussion started by: yprudent
2 Replies

8. Solaris

Solaris and PAM Password policy

Hello All, I have Sun DSEE7 (11g) on Solaris 10. I have run idsconfig and initialized ldap client with profile created using idsconfig. My ldap authentication works. Here is my pam.conf # Authentication management # # login service (explicit because of pam_dial_auth) # login ... (3 Replies)
Discussion started by: pandu345
3 Replies

9. Ubuntu

Password Expiration Policy

Hello Team, I am using Lubuntu & have DRBL remote boot setup with open Ldap authentication. Currently there is no password expire policy. I want to set Password Policy so that user's password will expire after a month & they will get prompt to change their password. Using PAM we can do it,... (1 Reply)
Discussion started by: paragnehete
1 Replies

10. Red Hat

Password policy for root

Hi, I am unable to enforce password complexity policy for root user. (other users are working) on RHEL 6.2. Anything wrong with system-auth parameters? PLease help.. vi /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time... (1 Reply)
Discussion started by: suresh3566
1 Replies

LEARN ABOUT PLAN9

mkpwdict

mkpwdict(1M)						  System Administration Commands					      mkpwdict(1M)

NAME

       mkpwdict - maintain password-strength checking database

SYNOPSIS

       /usr/sbin/mkpwdict [-s  dict1,... ,dictN] [-d destination-path]

DESCRIPTION

       The mkpwdict command adds words to the dictionary-lookup database used by pam_authtok_check(5) and passwd(1).

       Files containing words to be added to the database can be specified on the command-line using the -s flag. These source files should have a
       single word per line, much like /usr/share/lib/dict/words.

       If -s is omitted, mkpwdict will use the value of DICTIONLIST specified in /etc/default/passwd (see passwd(1)).

       The database is created in the directory specified by the -d option. If this option is omitted, mkpwdict uses  the  value  of  DICTIONDBDIR
       specified in /etc/default/passwd (see passwd(1)). The default location is /var/passwd.

OPTIONS

       The following options are supported:

       -s

	   Specifies a comma-separated list of files containing words to be added to the dictionary-lookup database.

       -d

	   Specifies the target location of the dictionary-database.

FILES

       /etc/default/passwd

	   See passwd(1).

       /var/passwd

	   default destination directory

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       passwd(1), attributes(5), pam_authtok_check(5)

SunOS 5.10							    1 Jun 2004							      mkpwdict(1M)
All times are GMT -4. The time now is 10:05 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy