Enforce Password Complexity

Enforce password complexity on Ubuntu

If you are a Ubuntu user, then you are probably aware of the importance of having a strong and complex password. A password that is easy to guess can be easily hacked, leading to potential security threats to your system and data. Therefore, it is essential to enforce password complexity on Ubuntu to ensure the security of your system.

To see how to enforce password complexity on CentOS/Redhat click here.

Pluggable Authentication Modules :

One way to enforce password complexity on Ubuntu is by using the PAM (Pluggable Authentication Modules) module. PAM allows users to set specific rules for their passwords, such as the minimum length, the number of special characters, and the use of upper and lower case letters.

Enforce password complexity with libpam-cracklib :

To enable PAM on Ubuntu, first, open the terminal and type the following command :

#apt-get install libpam-cracklib

This will install the PAM module on your system.

Next, you need to edit the PAM configuration file by typing the following command in the terminal :

#vim /etc/pam.d/common-password

In the file, you need to add the following lines :

password requisite pam_cracklib.so retry=3 minlen=8 dcredit=-1 ucredit=-1 ocredit=-1 lcredit=-1
password [success=1 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512

The first line sets the rules for your password, such as the minimum length (8 characters in this case), and the number of special characters required (-1 in this case, which means that the password must not contain any special characters).

The second line tells PAM to use the sha512 algorithm to hash the password, which is considered one of the most secure algorithms available.

Once you have added these lines to the PAM configuration file, save and close the file.

Now, when you change your password, PAM will enforce the password complexity rules that you have set. If your password does not meet the rules, PAM will prompt you to enter a new password that satisfies the rules :

Enforce password complexity

Enforcing password complexity on Ubuntu is a simple but effective way to improve the security of your system. By using PAM and setting specific rules for your password, you can ensure that your password is strong and complex, making it difficult for hackers to guess and breach your system’s security.

To read this tutorial in French click here.

Laisser un commentaire

Votre adresse e-mail ne sera pas publiée. Les champs obligatoires sont indiqués avec *