Linux Password Policies

From Notes

Jump to: navigation, search

The /etc/login.defs file can be used to control password policies on linux hosts. An example is as follows: 

CREATE_HOME     yes
GID_MAX 60000
GID_MIN 500
MAIL_DIR        /var/spool/mail
PASS_MAX_DAYS   90
PASS_MIN_DAYS   0
PASS_MIN_LEN    8
PASS_WARN_AGE   7
UID_MAX 60000
UID_MIN 500

This policy will expire passwords after 90 days, require an 8 character password, and warn at 7 days before expiration for all users with uids greater than 499 (non system accounts).

Retrieved from "http://www.itsecureadmin.com/wiki/index.php/Linux_Password_Policies"
Personal tools