Re: Force passwordcheck in login.conf

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Stuart Henderson

Subject: Re: Force passwordcheck in login.conf

Date: Thursday, October 14, 2010 - 9:39 am

On 2010-10-13, Brad Tilley <brad@16systems.com> wrote:
quoted text> Mark Romer wrote:
>> use passwdqc  it is in packages.
>> 
>> in login.conf under default I have:
>> :minpasswordlen=12:\
>>         :login-tries=4:\
>>         :passwordtries=3:\
>>         :passwordcheck=/usr/local/libexec/passwdqc -3 12
>> 
>> Mark
>
> I've heard complaints that it is too stringent (I tend to agree, no
> offense to Solar). PCI DSS 1.2 only requires numbers and alphabetic
> chars in the password. So, letmein123 meets the requirement.

See passwdqc.conf(5).

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Force passwordcheck in login.conf, Brad Tilley, (Tue Oct 12, 5:46 pm)

Re: Force passwordcheck in login.conf, Alexander Hall, (Wed Oct 13, 1:20 am)

Re: Force passwordcheck in login.conf, Leif Blixt, (Wed Oct 13, 2:09 am)

Re: Force passwordcheck in login.conf, Mark Romer, (Wed Oct 13, 7:15 am)

Re: Force passwordcheck in login.conf, Brad Tilley, (Wed Oct 13, 7:51 am)

Re: Force passwordcheck in login.conf, Brad Tilley, (Thu Oct 14, 4:35 am)

Re: Force passwordcheck in login.conf, Leif Blixt, (Thu Oct 14, 4:54 am)

Re: Force passwordcheck in login.conf, Brad Tilley, (Thu Oct 14, 5:08 am)

Re: Force passwordcheck in login.conf, Leif Blixt, (Thu Oct 14, 5:14 am)

Re: Force passwordcheck in login.conf, Brad Tilley, (Thu Oct 14, 6:40 am)

Re: Force passwordcheck in login.conf, Joachim Schipper, (Thu Oct 14, 6:47 am)

Re: Force passwordcheck in login.conf, Stuart Henderson, (Thu Oct 14, 9:39 am)


linux-kernel:
FUJITA Tomonori	Re: [Scst-devel] Integration of SCST in the mainstream Linux kernel
Ingo Molnar	Re: [RFC/RFT PATCH] sched: automated per tty task groups
Josef Bacik	[PATCH] fallocate.2: add FALLOC_FL_PUNCH_HOLE flag definition
Rezwanul_Kabir	RE: Dell Studio 1555 eject key does not work ( small patch to fix included )
Rafael J. Wysocki	[Bug #15669] INFO: suspicious rcu_dereference_check()
git:
Michal Sojka	[PATCHv5 1/2] filter-branch: Fix to allow replacing submodules with another content
Junio C Hamano	Re: Fwd: git status options feature suggestion
Stefan Richter	Re: [kernel.org users] [RFD] On deprecating "git-foo" for builtins
A Large Angry SCM	Re: [RFC] origin link for cherry-pick and revert
Bert Wesarg	[TopGit PATCH v3 06/12] list_deps: accept -i/-w
linux-netdev:
Arnaldo Carvalho de Melo	Re: [PATCH 06/37] dccp: Limit feature negotiation to connection setup phase
Gerrit Renker	[PATCH 1/5] dccp: Initialisation framework for feature negotiation
Ursula Braun	[patch 2/8] [PATCH] af_iucv: sync sk shutdown flag if iucv path is quiesced
Daniel Lezcano	getsockopt(TCP_DEFER_ACCEPT) value change
David Miller	Re: 2.6.27.18: bnx2/tg3: BUG: "scheduling while atomic" trying to ifenslave a seco...
git-commits-head:
Linux Kernel Mailing List	libata: disable ATAPI AN by default
Linux Kernel Mailing List	ARM: 5905/1: ARM: Global ASID allocation on SMP
Linux Kernel Mailing List	misc: replace remaining __FUNCTION__ with __func__
Linux Kernel Mailing List	Disallow gcc versions 4.1.{0,1}
Linux Kernel Mailing List	timer: Try to survive timer callback preempt_count leak
openbsd-misc:
Rene Maroufi	smtpd: Aliases only work with for local alias aliases
Stephen J. Bevan	GRE over IPsec
Darrin Chandler	Re: strange output on openbsd C code
KURS ENGLESKOG JEZIKA NA 10 CD-a	AUDIO-VIZUELNA METODA UCENJA ENGLESKOG JEZIKA na 10 CD-a
Nick Holland	Re: Install OpenBSD from USB ?