current position:Home>Complexity of setting account password in Linux and Kirin systems

Complexity of setting account password in Linux and Kirin systems

2022-01-27 04:11:30 qq_ eight hundred and sixty-three thousand nine hundred and nine

The complexity of setting account password in Kirin system


1. explain

In order to ensure that the password complexity of each account created later meets the actual needs , The corresponding configuration needs to be changed to achieve the effect .

2. Check the method

1. Enter command in terminal :
[[email protected] ~]# more /etc/security/pwquality.conf

2. According to the display results, check whether the relevant items are not commented or the value is not equal to 0

3. Meaning of each configuration item :
difok Represents the number of characters that cannot be the same as the last password ;
minlen Is the minimum password length ;
dcredit Is the minimum number of digits in the password ;
ucredit Is the minimum number of uppercase letters in the password ;
lcredit Is the minimum number of lowercase letters in the password ;
ocredit Is the minimum number of special characters in the password ;
maxrepeat The maximum number of occurrences of the same character in the password ;
minclass Set the minimum number of character classes required for the new password
maxrepeat Set the maximum number of consecutive identical characters allowed in the new password
maxclassrepeat Set the maximum number of consecutive characters allowed for the same class in the new password
gecoscheck Check that the new password contains users passwd Term GECOS The length in the field exceeds 3 One character word
dictcheck Check whether it comes from cracklib Dictionary words .
usercheck To check whether the password is similar to the user name
enforcing Check if the PAM Module or other module enforces the application
dictpath = Designated access cracklib The path of the dictionary , By default, the system comes with cracklib Default Dictionaries

3. Suggestions for modification

1. Use vim The editor modifies the password complexity file :
[[email protected] ~]# vim /etc/security/pwquality.conf

2. Modify the items mentioned in the inspection method ,
Positive numbers : Indicates the maximum number of , Such as ucredit = 5 Uppercase letters up to 5 individual
negative : Values for -1 At least one corresponding character is required 、 Values for -2 When, it means that two corresponding characters are required , By analogy , Such as ucredit = -1 Capital letters should be at least 1 individual

3. Modify example :( The minimum password length is 8 position , The password must contain upper and lower case letters 、 Numbers and special characters )
minlen = 8
dcredit = -1
ucredit = -1
lcredit = -1
ocredit = -1

copyright notice
author[qq_ eight hundred and sixty-three thousand nine hundred and nine],Please bring the original link to reprint, thank you.
https://en.cdmana.com/2022/01/202201270411249027.html

Random recommended