Configuring password complexity and limiting reused password usage

در این مطلب به شما آموزش خواهیم داد که چگونه به ایجاد محدودیت و قرار دادن پیچیدگی برای رمز های عبور در Centos 7 استفاده شده بپردازید تا از قرار دادن رمز های ساده بر روی یوزرها جلوگیری شود.

By editing the /etc/pam.d/system-auth file, we can configure the password complexity and the number of reused passwords to be denied.

Password complexity refers to the complexity of the characters used in the password, and the reused password deny refers to denying the desired number of passwords the user used in the past.

By setting the complexity, we force the usage of the desired number of capital characters, lowercase characters, numbers, and symbols in a password.

The password will be denied by the system until and unless the complexity set by the rules is met. We do this using the following terms:

Force capital characters in passwords: ucredit=-X, where X is the number of capital characters required in the password.

Force lower case characters in passwords: lcredit=-X, where X is the number of lowercase characters required in the password.

Force numbers in passwords: dcredit=-X, where X is the number of numbers required in the password. Force the use of symbols in passwords: ocredit=-X, where X is the number of symbols required in the password.

For example: password requisite pam_cracklib.so try_first_pass retry=3 type= ucredit=-2 lcredit=-2 dcredit=-2 ocredit=-2 Deny reused passwords: remember=X, where X is the number of past passwords to be denied.

For example: password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok remember=5

Let’s now take a look at a sample configuration of /etc/pam.d/system-auth

فیسبوک توییتر گوگل + لینکداین تلگرام واتس اپ کلوب

دیدگاهتان را بنویسید

نشانی ایمیل شما منتشر نخواهد شد. بخش‌های موردنیاز علامت‌گذاری شده‌اند *

84 − = 76