Description of problem:
I'm working with a client who is trying to force users to include a numeric
character in their passwords. In my testing I've tried the following cracklib
options to force a numeric character:
dcredit=1 ucredit=0 lcredit=0 ocredit=0 and minlen=1
dcredit=1 ucredit=0 lcredit=0 ocredit=0 and minlen=8
dcredit=1 ucredit=0 lcredit=0 ocredit=0 and minlen=9
dcredit=-1 ucredit=0 ocredit=0 lcredit=0 minlen=8
dcredit=-1 ucredit=0 ocredit=0 lcredit=0
None of these appear to work as expected on my system.
From searching around it appears that this is somewhat of a known issue, and
there is a patch available which addresses this problem. Would it be possible
to get this patch incorporated into an errata?
Please see the following URL for information regarding the patch mentioned above:
See the section entitled "Setting Up Password Restrictions and Other
Restrictions" from the above link.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.add dcredit option(s) to system-auth, cracklib password line
2.login as user
Actual Results: user is not required to use a numeric value in password
Expected Results: user should be forced to enter a numeric character in password