In this lab, we will create a password complexity policy that will require users to enter a password that meets our defined password requirements when creating a new password. Password policies help us guarantee passwords used on our systems are secure passwords.
Successfully complete this lab by achieving the following learning objectives:
- Configure a Password Complexity Policy
To create the password requirements in the policy, we need to edit the
/etc/security/pwquality.conffile and include the following:
minlen = 12 maxrepeat = 2 minclass = 4 ucredit = -3 dcredit = -3 badword = password, pass, word
- Put the Password Complexity Policy into Effect
In order to put the new policy into effect, we need to add the following line to the
password required pam_pwquality.so retry=3
- This line should be inserted as the first line with the word "password", the third uncommented line in the default configuration of the file.