What's best practice to enforce system-wide strong passwords?

datenimperator · August 21, 2009, 7:03am

Hi,

subject says it all… I’ve fumbled with the PAM setting, eventually setting the minimum password length, but the Webmin “change password” module didn’t reject my too-short password when I tried to change it.

Best thing would be to have constraints enforced system-wide, no matter by what means people try to change their passwords: Webmin, Usermin, Virtualmin, via SSH and “passwd” or Samba.

Any ideas? Kind regards,

Christian

p.s.: System is Ubuntu 8.04 LTS

ronald · August 21, 2009, 3:18pm

did you go to webmin - system - Users and Groups then upper corner go to Module Config (under help)
then scoll to Password restriction and Minimum password length set to 8 or more.

also Prevent dictionary word passwords? set to yes

That should work.