Date: Sat, 30 Jun 2007 11:56:54 -0700 (PDT) From: Patrick Dung <patrick_dkt@yahoo.com.hk> To: Manolis Kiagias <sonicy@otenet.gr> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: password againg and other policy enforcement Message-ID: <139842.68546.qm@web54305.mail.re2.yahoo.com> In-Reply-To: <46869CAE.4060106@otenet.gr>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for reply. pam_passwdqc has feature to enforce min password length, and the combination. Also it can check the similarity with the current and new password. But tools to check when users password will expire is missing. Also it cannot keep password history (password that the user had used). The user can use password A, then user change to password B and then change back to password A... Regards Patrick --- Manolis Kiagias <sonicy@otenet.gr> wrote: > Patrick Dung wrote: > > I have some question about password policy in FreeBSD: > > > > 1. Administrator can enforce password expire in /etc/login.conf > > Is there any tool that can check when the password will expire for > the > > users? > > > > 2. Any good way to enforce minimum password length and other > > restriction(like password need at least 2 numbers, 2 special char)? > > > > 3. Any ways to prevent user reuse old password? > > > > Regards > > Patrick > > > These options have been moved to PAM (Pluggable Authentication > Modules). > Have a look at /etc/pam.d > You will find a file called passwd > Edit it and uncomment the line: > > password requisite pam_passwdqc.so .... > > Change the options you require per the manual page > > (man 8 pam_passwdqc) > > A lot of restrictions can be placed on the password (history, > complexity, number of chars / symbols and so on). > > Manolis > > ____________________________________________________________________________________Ready for the edge of your seat? Check out tonight's top picks on Yahoo! TV. http://tv.yahoo.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?139842.68546.qm>