What's best practice to enforce system-wide strong passwords?

2 posts / 0 new
Last post
#1 Fri, 08/21/2009 - 02:03
datenimperator

What's best practice to enforce system-wide strong passwords?

Hi,

subject says it all... :-) I've fumbled with the PAM setting, eventually setting the minimum password length, but the Webmin "change password" module didn't reject my too-short password when I tried to change it.

Best thing would be to have constraints enforced system-wide, no matter by what means people try to change their passwords: Webmin, Usermin, Virtualmin, via SSH and "passwd" or Samba.

Any ideas? Kind regards,

Christian

p.s.: System is Ubuntu 8.04 LTS

Fri, 08/21/2009 - 10:18
ronald
ronald's picture

did you go to webmin - system - Users and Groups then upper corner go to Module Config (under help) then scoll to Password restriction and Minimum password length set to 8 or more.

also Prevent dictionary word passwords? set to yes

That should work.

Topic locked