How to force users to use secure passwords on Ubuntu/Debian Linux

To force users to use secure passwords on Ubuntu or Debian Linux, you can use the “pam_cracklib.so” module in PAM (Pluggable Authentication Modules). This module checks the strength of passwords before allowing them to be set.

Here are the steps to enable password checks with PAM:

  1. Install the “libpam-cracklib” package:
     # apt-get install libpam-cracklib
  2. Edit the “/etc/pam.d/common-password” file:
     # nano /etc/pam.d/common-password
  3. Add the following line to the top of the file:
     password requisite pam_cracklib.so retry=3 minlen=8 difok=3
  4. Save and close the file.

With these steps, passwords must now meet the following criteria:

  • Must be at least 8 characters long
  • Must differ from the old password by at least 3 characters
  • Users get up to 3 attempts to enter a password that is strong enough.

It’s recommended to test the changes before rolling them out to a production environment.
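
One way to check the edited file as part of that test, as an added example that is not part of the original article: a shell function that confirms the pam_cracklib.so entry is active, sits before pam_unix.so, and carries at least the minlen and difok values from step 3. The function name `check_cracklib` and its return codes are assumptions made for this example, and the ordering check assumes the stock Debian/Ubuntu file, where pam_unix.so stores the new password.

```shell
# Added example (not from the original article).
# Usage: check_cracklib FILE [MIN_MINLEN] [MIN_DIFOK]
# Returns 0 = OK, 1 = pam_cracklib.so not active, 2 = listed after pam_unix.so,
#         3 = minlen or difok missing or below the required value.
check_cracklib() {
    file=$1; want_minlen=${2:-8}; want_difok=${3:-3}
    # Active "password" entries only (comment lines do not match), with line numbers.
    stack=$(grep -nE '^[[:space:]]*password[[:space:]]' "$file" 2>/dev/null) || true
    crack=$(printf '%s\n' "$stack" | grep -F 'pam_cracklib.so' | head -n 1)
    unix=$(printf '%s\n' "$stack" | grep -F 'pam_unix.so' | head -n 1)
    if [ -z "$crack" ]; then
        echo "FAIL: no active pam_cracklib.so entry in $file"; return 1
    fi
    # Modules run top to bottom: the strength check has to precede pam_unix.so,
    # which is the module that stores the new password.
    if [ -n "$unix" ] && [ "${crack%%:*}" -gt "${unix%%:*}" ]; then
        echo "FAIL: pam_cracklib.so (line ${crack%%:*}) comes after pam_unix.so (line ${unix%%:*})"
        return 2
    fi
    for pair in "minlen=$want_minlen" "difok=$want_difok"; do
        name=${pair%%=*}; want=${pair#*=}
        # Split the entry into one token per line and pick "name=<digits>".
        have=$(printf '%s\n' "$crack" | tr ' \t' '\n\n' |
               sed -n "s/^$name=\([0-9][0-9]*\)\$/\1/p" | head -n 1)
        if [ -z "$have" ] || [ "$have" -lt "$want" ]; then
            echo "FAIL: $name=${have:-unset}, expected at least $want"; return 3
        fi
    done
    echo "OK: line ${crack%%:*}: ${crack#*:}"
}
```

Run it as `check_cracklib /etc/pam.d/common-password` after saving the file, and again after package upgrades that may regenerate the PAM configuration.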
