Re: Password security/Weak Password lockout

To: debian-user@lists.debian.org
Subject: Re: Password security/Weak Password lockout
From: Juha Tuuna <juha.tuuna@utu.fi>
Date: Tue, 20 Jan 2009 09:45:49 +0200
Message-id: <[🔎] 4975812D.7030103@utu.fi>
In-reply-to: <[🔎] 49757848.8020906@guptaxpn.com>
References: <[🔎] 49757848.8020906@guptaxpn.com>

Paul Gupta wrote:
> By what mechanism does debian decide whether or not a password is too
> weak etc.
> ...
> What is it exactly? AND How would one configure it to be stricter or
> more lenient with password selection?

I use libpam-cracklib to protect from dictionary attacks. Also installed some
dictionaries, see apt-cache search dictionary | grep "/usr/share/dict"

/etc/pam.d/common-password:
password required pam_cracklib.so retry=3 minlen=10 difok=3

3 retries, minimum length of password 10 characters, 3 characters is allowed
to match with the previous password.

Hope that gets you started. Maybe check this out, too.
http://www.linuxsecurity.com/resource_files/host_security/securing-debian-howto/ap-checklist.en.html

-- 
Juha Tuuna

Reply to:

References:
- Password security/Weak Password lockout
  - From: Paul Gupta <wubrgamer@gmail.com>

Prev by Date: Re: [locales] change date/time display format for german locale in lenny like it has been on etch
Next by Date: Re: How to let a user login locally with a weak password
Previous by thread: Re: Password security/Weak Password lockout
Next by thread: Re: Password security/Weak Password lockout
Index(es):
- Date
- Thread