Increase Password length

Linux and Unix-Like Red Hat
1

Hello All,

I am using RHEL 4. Currently maximum password length limit is set to 8 on my system.

Please tell what do i need to change to increase this limit to say 20. I changed the login.defs and included the following line -
"
PASS_MAX_LEN 20
"
but this dint work.

I further modified /etc/pam.d/system-auth file and added there too as-

"
password sufficient /lib/security/$ISA/pam.unix.so nullok maxlen=20 use_authtok md5 shadow
"

but this too doest work.

Can anyone please tell me how to increase the password length.

Thanks and Regards,
Shamik.

2

Check the /etc/default/security file for system wide settings.
Note that despite the possibility to use more characters, only the first 8 are used.

Regards

3

Can you please tell in brief what does the following mean -

"Note that despite the possibility to use more characters, only the first 8 are used."

The security directory is present in /etc directory in my system and following are its contents -

console.apps/
access.conf
chroot.conf
console.perms
group.conf
limits.conf
opasswd
pam_env.conf
pam_winbind.conf
time.conf

There is no file called security in /etc/default

4

This means:
password hashing uses the first 8 characters of the password, the rest are ignored.

5

I don't get it. My root password is almost twice as long, and mistyping any of the characters after the eighth makes a failed login. Unless this is some odd redhat-specific thing...

6

A lot of older versions of unix don't support more than 8 characters. HPUX 10.2 for example. Stevens 'Advanced Programming in the UNIX Environment' mentions it as well. Red Hat out of the box hashes a maximum of 8; here is a discussion explaining changing PAM etc. to increase the password length:

Red Hat Knowledgebase: How do I change the default password length?

I have not used RHEL 4 so I assumed this was true.

7

on my RHEL5.2

it not work, why ??

entry in /etc/pam.d/system-auth
password requisite pam_cracklib.so try_first_pass retry=3 minlen=8

8

Are you trying a standard user account when you make these changes or a root user? In RH some password requirements don't work under root or sudo.

Create a standard user...Set your password minlen to 10...then log in as the user and try changing the password to an 8 character password. It should give an error message.