Date: Sat, 30 Jun 2007 21:10:54 +0300 From: Manolis Kiagias <sonicy@otenet.gr> To: Patrick Dung <patrick_dkt@yahoo.com.hk> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: password againg and other policy enforcement Message-ID: <46869CAE.4060106@otenet.gr> In-Reply-To: <105872.23286.qm@web54305.mail.re2.yahoo.com> References: <105872.23286.qm@web54305.mail.re2.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Patrick Dung wrote: > I have some question about password policy in FreeBSD: > > 1. Administrator can enforce password expire in /etc/login.conf > Is there any tool that can check when the password will expire for the > users? > > 2. Any good way to enforce minimum password length and other > restriction(like password need at least 2 numbers, 2 special char)? > > 3. Any ways to prevent user reuse old password? > > Regards > Patrick > These options have been moved to PAM (Pluggable Authentication Modules). Have a look at /etc/pam.d You will find a file called passwd Edit it and uncomment the line: password requisite pam_passwdqc.so .... Change the options you require per the manual page (man 8 pam_passwdqc) A lot of restrictions can be placed on the password (history, complexity, number of chars / symbols and so on). Manolis
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46869CAE.4060106>