• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

How to Configure Password Expiration and Complexity Requirements in CentOS/RHEL

by admin

This post tells how to configure Linux password policy, focussing on password expiration and complexity.

Password Expiration

To set the default password expiration when creating new accounts on CentOS/RHEL, edit the /etc/login.defs file.

PASS_MAX_DAYS 100

This means the maximum number of days a password may be used. Check the man page of login.defs for more options that can be used.

$ man login.defs

2. Password Complexity

The PAM module pam_cracklib can be used to force password complexity requirements. The complexity can be specified with the following options:

  • Minimum password length (minlen)
  • Minimum number of lower case letters (lcredit)
  • Minimum number of upper case letters (ucredit)
  • Minimum number of numeric characters (dcredit)
  • Minimum number of non-alphanumeric characters (ocredit)

Here is an example line in /etc/pam.d/system-auth configuration file:

password  required   /lib/security/$ISA/pam_cracklib.so retry=3 minlen=10 dcredit=-1 ucredit=-1 lcredit=-1 ocredit=-1

Given the above setting, users would be required to choose passwords that are at least 10 characters long, that have at least one lower case character, one uppercase character, one number, and one special character. Note that to require any of these characteristics a negative number is specified.

Filed Under: CentOS/RHEL, Linux

Some more articles you might also be interested in …

  1. nslookup: command not found
  2. dpkg-scanpackages: command not found
  3. How To Change Engine Database Password for RHVM Engine
  4. Linux OS Service ‘avahi-daemon’
  5. xeyes: command not found
  6. How to Manage Oracle database Audit File Directory Growth with cron (ASM Instances Only)
  7. equery Command Examples in Gentoo Linux
  8. How to uninstall speedtest-cli package from Ubuntu
  9. CentOS/RHEL: /tmp mount point not automatically mounting when added in /etc/fstab
  10. Linux OS Service ‘lm_sensors’

You May Also Like

Primary Sidebar

Recent Posts

  • fprintd-delete Command Examples in Linux
  • fprintd-delete: command not found
  • foreman: command not found
  • foreman Command Examples in Linux

© 2023 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright