Re: Allowing weak passwords
On my slink system if I (as root) _remove_ the 13-character encrypted
password for a user from /etc/shadow (/etc/passwd if shadow passwords
aren't enabled) then that user can log in with _no_ password (not even
asked).
BTW, this is the standard way to recover, with a rescue floppy, from the
"Oh, Shit! Nobody knows the root password for this machine" syndrome.
On Fri, Dec 17, 1999 at 15:43, Dave Sherohman wrote:
> Ben Collins said:
> > Edit /etc/login.defs and modify the minimum password length config.
>
> That allows _short_ passwords, but not _weak_ ones.
>
> After changing it to 1, I just had the following exchange with passwd:
>
> Enter the new password (minimum of 1, maximum of 8 characters)
> Please use a combination of upper and lower case letters and numbers.
> New password: a
> Bad password: a palindrome. Try again.
> New password: abc
> Bad password: too simple. Try again.
>
> How do I disable those checks?
Luck,
Pann
--
geek by nature, Linux by choice L I N U X .~.
The Choice /V\
http://www.ourmanpann.com/linux/ of a GNU /( )\
Generation ^^-^^
Reply to: