technology

Setting good password complexity controls

Making strong Ubuntu password policies

Making strong Ubuntu password policies requires setting good password complexity controls

Inspired by https://www.server-world.info/en/note?os=Ubuntu_22.04&p=pam&f=1

Install 

1

apt -y install libpam-pwquality

Edit /etc/login.defs 

1
2
3

PASS_MAX_DAYS	60
PASS_MIN_DAYS	1
PASS_WARN_AGE	7

Edit /etc/pam.d/common-password 

1

password	requisite			pam_pwquality.so retry=3 remember=5

Edit /etc/security/pwquality.conf 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16

difok = 5
minlen = 8
dcredit = -1
ucredit = -1
lcredit = -1
ocredit = -1
minclass = 2
maxrepeat = 2
maxclassrepeat = 4
gecoscheck = 1
dictcheck = 1
usercheck = 1
usersubstr = 1
enforcing = 1
enforce_for_root
badwords = simplepassword
Ubuntu
Licensed under CC BY-NC-SA 4.0
© 2025 Andrew Riley - you can call me 'Riles'
Built with Hugo
Theme Stack designed by Jimmy