Re: "obscure" in /etc/pam.d/common-password what does it mean exactly?
>
> Hello,
>
> On Wed, Mar 22, 2006 at 03:33:39PM -0800, prosolutions@gmx.net wrote:
> >
> > I've scoured through all Debian pam documentation, upstream PAM docs,
> > and did extensive googling but cannot find the definition of "obscure"
> > as it applies to common-password. Anyone have any info on this?
> >
> >
> > I am assuming this is where the default system password policy is set:
> >
> >
> > password required pam_unix.so nullok obscure min=4 max=8 md5
>
> You can find the documentation of the pam_unix module in the libpam-doc package (/usr/share/doc/libpam-doc/txt/pam.txt.gz):
>
> The obscure option enables some extra checks on the password.
> These is taken after the same obscure checks enabled in the
> original shadow package. This works very similar to the
> pam_cracklib module and implements these checks (it does not
> implement dictionary checks):
> * Palindrome
> * Case Change Only
> * ...
According to that document "This works very similar to the
pam_cracklib module and implements these checks (it does not
implement dictionary checks):
...
Similar
Is the new password too much like the old one?
as a test of this, i created an account with the password foo33. logged
in as the user, i was successfully able to change it to foo32.
wouldn't this be considered "similar"? where is "similar" defined?
Reply to: