GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  PWQUALITY.CONF (5)

.ds Aq ’

NAME

pwquality.conf - configuration for the libpwquality library

CONTENTS

Synopsis
Description
Options
Authors

SYNOPSIS

/etc/security/pwquality.conf

DESCRIPTION

pwquality.conf provides a way to configure the default password quality requirements for the system passwords. This file is read by the libpwquality library and utilities that use this library for checking and generating passwords.

The file has a very simple name = value format with possible comments starting with # character. The whitespace at the beginning of line, end of line, and around the = sign is ignored.

OPTIONS

The possible options in the file are:

difok

Number of characters in the new password that must not be present in the old password. (default 5)

minlen

Minimum acceptable size for the new password (plus one if credits are not disabled which is the default). (See pam_pwquality(8).) Cannot be set to lower value than 6. (default 9)

dcredit

The maximum credit for having digits in the new password. If less than 0 it is the minimum number of digits in the new password. (default 1)

ucredit

The maximum credit for having uppercase characters in the new password. If less than 0 it is the minimum number of uppercase characters in the new password. (default 1)

lcredit

The maximum credit for having lowercase characters in the new password. If less than 0 it is the minimum number of lowercase characters in the new password. (default 1)

ocredit

The maximum credit for having other characters in the new password. If less than 0 it is the minimum number of other characters in the new password. (default 1)

minclass

The minimum number of required classes of characters for the new password (digits, uppercase, lowercase, others). (default 0)

maxrepeat

The maximum number of allowed same consecutive characters in the new password. The check is disabled if the value is 0. (default 0)

maxsequence

The maximum length of monotonic character sequences in the new password. Examples of such sequence are 12345 or fedcb. Note that most such passwords will not pass the simplicity check unless the sequence is only a minor part of the password. The check is disabled if the value is 0. (default 0)

maxclassrepeat

The maximum number of allowed consecutive characters of the same class in the new password. The check is disabled if the value is 0. (default 0)

gecoscheck

If nonzero, check whether the words longer than 3 characters from the GECOS field of the user’s passwd entry are contained in the new password. The check is disabled if the value is 0. (default 0)

badwords

Space separated list of words that must not be contained in the password. These are additional words to the cracklib dictionary check. This setting can be also used by applications to emulate the gecos check for user accounts that are not created yet.

dictpath

Path to the cracklib dictionaries. Default is to use the cracklib default.

SEE ALSO

pwscore(1), pwmake(1), pam_pwquality(8)

AUTHORS

Tomas Mraz <tmraz@redhat.com>

Search for    or go to Top of page |  Section 5 |  Main Index


Red Hat, Inc. PWQUALITY.CONF (5) 10 Nov 2011

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.