Unaware to me there is apparently by default some password changing policies in 2007.1. Had I known I would have turned them off immediately but there is also apparently a bug that has hosed my passwords.

I discovered it when I tried to 'su -' and after entering the password was told I needed to change the root password. Well I really didn't want to but no big deal. However, now the bug. No matter what password I choose it is rejected saying it is based on a dictionary word (some strange dictionary if what I typed is in it). Anyway, I cannot log in as root nor can I change the root password. I can only get into single user mode.

So the question is: How do I turn that damn thing off? TIA.

Have you tried using a password with alphanumeric characters?

Did you set the security level to 4 (High) ?
If so, root password expires after 60 days, and your password must be at least 6 char with at least 1 digit and 1 uppercase.
But you may change this settings in running draksec in a terminal.
Or set the security level to 3.

See http://club.mandriva.com/xwiki/bin/v...ec?language=en

Thanks for the replies. I am now getting back to this problem. After reading up on 'msec' a little just setting it to 3 or 4 will not help I want the higher security, I just don't want the forced password change. How do I turn just that off?

However, that is not what really bothers me the most. The real problem is the bug in 'passwd' that rejects any and all passwords as being dictionary based. What is up with that?

As i said, run draksec (as root) ; in 'System options' turn off default choice for password aging and password minimum length.