Password Complexity Rules
I'm trying to figure out what password complexity rules some of our Linux AS3 and AS4 machines have -- what's the minimum length, what characters are required, what strings are prohibitted, etc. Also, how we would go about changing some of these rules. Actually, I've learned that pam_cracklib is what's handling this on our systems and that this can be configured in /etc/pam.d/system-auth on Redhat machines. What I'm trying to determine is what default minimum rules are used if nothing else is configured. For example, on one of our machines the relevant lines in system-auth are:
password required /lib/security/$ISA/pam_cracklib.so retry=3 type=
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so
Since there isn't much configured here (other than the number of retries for setting a new password being 3) I'm wondering what minimum/default rules are being used, since I do know that it forces a certain level of complexity when setting passwords. I just don't know how to find out what the rules are.
Thanks.
|