Tuesday, 25 June 2013

How to Enforce Password Strength using PAM

Problem: You want your users to employ strong passwords.

Solution: Use the pam_cracklib PAM module to test and enforce password strength requirements automatically. 

edit the parameters in the pam_cracklib module in 


To increase the number of consecutive times a user can enter an incorrect password, change the retry parameter from its default of 3;

password required /lib/security/pam_cracklib.so retry=3

NOTE: PAM allows recursion via the pam_stack module that is, one PAM module can invoke another.

No comments:

Post a Comment