Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [cracklib]

CrackLib is a Unix library which tests the strength of passwords.

CrackLib is a Unix library which tests the strength of passwords.

6 questions
4
votes
1 answer

pam_cracklib: preventing users from using passwords that contain common words

We would like to prevent users from using words such as the organisation name or their username as part of the password. The default behaviour of pam_cracklib when given a dictionary seems to be to disallow any passwords that are the words contained…
Markus Koivisto
  • 141
  • 2
3
votes
1 answer

pam_cracklib reports bad password correctly but pam_unix module STILL changes the password

I am currently trying to use pam_cracklib which properly fails according to my debug.log but even though it is setup as a password requisite entry in my PAM config file, it still falls through to the next pam_unix module which allows for a password…
jiveturkey
  • 153
  • 1
  • 9
2
votes
1 answer

How do I disable password complexity in pam

I found tons of articles how to enable password complexity, can someone guide me to how to disable it? (oracle linux) This is my system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is…
Petr
  • 324
  • 2
  • 4
  • 10
2
votes
2 answers

pam_cracklib on Linux: how to disable credits

The pam_cracklib 'minlen' does not work as I want it to. PAM allows passwords even with lesser length than it is set to with the 'minlen' option. It gives credits (by default 1) to the 'upper-case', 'lower-case', 'digit' and…
Nilesh
  • 21
  • 2
1
vote
0 answers

How do I return relevant error messages to an end-user from ppm/cracklib when embedded in an OpenLDAP password policy?

I'm deploying a new OpenLDAP server with a password policy that uses ppm as the pwdcheckmodule with cracklib enabled. When a user authenticates, the only response they get back is from OpenLDAP "(-19) Password quality check failed." (or something…
Joe Gaydos
  • 11
  • 1
0
votes
0 answers

pam_cracklib minlen not working as expected

im trying to enforce a password policy using pam_cracklib on Debian with this configuration minlen=10 lcredit=-1 ucredit=-1 ocredit=-1 but i still can create passwords with less than 10 length. Edit this is the content of my…
aamd
  • 101
  • 2