Re: Allowing weak passwords

[Pann McCuaig <pann@ourmanpann.com>]

On my slink system if I (as root) _remove_ the 13-character encrypted
password for a user from /etc/shadow (/etc/passwd if shadow passwords
aren't enabled) then that user can log in with _no_ password (not even
asked).

BTW, this is the standard way to recover, with a rescue floppy, from the
"Oh, Shit! Nobody knows the root password for this machine" syndrome.

On Fri, Dec 17, 1999 at 15:43, Dave Sherohman wrote:
> Ben Collins said:
> > Edit /etc/login.defs and modify the minimum password length config.
> 
> That allows _short_ passwords, but not _weak_ ones.
> 
> After changing it to 1, I just had the following exchange with passwd:
> 
> Enter the new password (minimum of 1, maximum of 8 characters)
> Please use a combination of upper and lower case letters and numbers.
> New password: a
> Bad password: a palindrome.  Try again.
> New password: abc
> Bad password: too simple.  Try again.
> 
> How do I disable those checks?

Luck,
Pann
-- 
geek by nature, Linux by choice                     L I N U X       .~.
                                                    The Choice      /V\
http://www.ourmanpann.com/linux/                     of a GNU      /( )\
                                                    Generation     ^^-^^