Security Question: Lock after invalid login, Session Lock and Required Minimum Password Length

Linux and Unix-Like Red Hat
1

Hello all,

If anyone has time, I have a few questions:

How do I do the following in Linux. We are using Red Hat and Oracle Enterprise Linux, which is based on Red Hat too.

  1. How to lock the account after a few (like 3) invalid password attempts?

  2. How do you lock a screen after 30 minutes of inactivity?

  3. How do you require a minimum password length when changing passwords or creating a new account?

Thanks in advance for any help.

2
  1. Use pam_tally. man page and a quick description
  2. On graphical displays it depends on the dektop environment/screensaver settings, which are user-specific.
  3. Change the settings for pam_pwcheck (probably in the file /etc/pam.d/password) and set minlen accordingly. You can even set an option to prevent the user to reuse the last n passwords.