Hide Forgot
We're going to implement password policy in the on-demand Azure RHEL images, to align with the password policy from Azure portal. Here're the rules - The password must be between 6-72 characters long. - The password must contain 3 of the following: a lowercase character an uppercase character a number a special character We come out the below solution, could you please help review? Modify following line in /etc/pam.d/system-auth: password requisite pam_cracklib.so minlen=6 dcredit=1 ucredit=1 lcredit=1 ocredit=1 minclass=3 try_first_pass retry=3 type=
The proper line for what you want to achieve (of course without the maximum of 72 characters for which we do not have a checker) is: password requisite pam_cracklib.so minlen=6 dcredit=0 ucredit=0 lcredit=0 ocredit=0 minclass=3 try_first_pass retry=3 type= The credit values should be 0 because otherwise theoretically a password shorter than 6 characters could pass given the credit rules. However there is an additional unconditional check in cracklib that prevents passwords shorter than 6 characters anyway. As I understand this bug was opened just for this review so I am closing it. If I misunderstood, please reopen.