On Linux the
passwd command changes passwords for user accounts. A normal user may only change the password for his/her own account, while the superuser may change the password for any account.
passwd also changes the account or associated password validity period.
passwd uses PAM (Pluggable Authentication Modules) to authenticate users and to change their passwords.
In order to enforce some stricter password rules you need to install the
# apt-get install libpam-cracklib
Once installed you can setup the rules in
In the following example I have setup lines that require the user to select a password with a minimum length of 10 and with at least 4 digit numbers, 1 upper case letter, and 1 other character. The user is only given 1 opportunity to enter a strong password and the password can't contain the user name.
passwordrequisitepam_cracklib.so \ retry=1 dcredit=-4 ucredit=-1 ocredit=-1 \ lcredit=0 minlen=10 reject_username
You can read about the specific options for pam_cracklib in the documentation here: (http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/sag-pam_cracklib.html)
If you have any comments or corrections feel free to email them to me.