If you are a Ubuntu user, then you are probably aware of the importance of having a strong and complex password. A password that is easy to guess can be easily hacked, leading to potential security threats to your system and data. Therefore, it is essential to enforce password complexity on Ubuntu to ensure the security of your system.
To see how to enforce password complexity on CentOS/Redhat click here.
Pluggable Authentication Modules :
One way to enforce password complexity on Ubuntu is by using the PAM (Pluggable Authentication Modules) module. PAM allows users to set specific rules for their passwords, such as the minimum length, the number of special characters, and the use of upper and lower case letters.
Enforce password complexity with libpam-cracklib :
To enable PAM on Ubuntu, first, open the terminal and type the following command :
#apt-get install libpam-cracklib
This will install the PAM module on your system.
Next, you need to edit the PAM configuration file by typing the following command in the terminal :
In the file, you need to add the following lines :
password requisite pam_cracklib.so retry=3 minlen=8 dcredit=-1 ucredit=-1 ocredit=-1 lcredit=-1 password [success=1 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512
The first line sets the rules for your password, such as the minimum length (8 characters in this case), and the number of special characters required (-1 in this case, which means that the password must not contain any special characters).
The second line tells PAM to use the sha512 algorithm to hash the password, which is considered one of the most secure algorithms available.
Once you have added these lines to the PAM configuration file, save and close the file.
Now, when you change your password, PAM will enforce the password complexity rules that you have set. If your password does not meet the rules, PAM will prompt you to enter a new password that satisfies the rules :
Enforcing password complexity on Ubuntu is a simple but effective way to improve the security of your system. By using PAM and setting specific rules for your password, you can ensure that your password is strong and complex, making it difficult for hackers to guess and breach your system’s security.
To read this tutorial in French click here.
Samba : Installation et Configuration sur Ubuntu 22.04
nmap : les 12 commandes que vous devez connaître
Comment vérifier la version d’apache
How to check the lock status of a user account in Linux
Fail2Ban : How to protect Linux services