The best password in the world does little good if you cannot remember it; use acronyms or other mnemonic devices to aid in memorizing passwords.
Here is how to create a simple way to create a good password :
- Over eight characters
- Combines letters, numbers and symbols
- Easy for you to remember, but difficult for others to guess
Make all (or some) of the following substitutions
- For the word "are", use "r"
- For the word "be", use "b"
- For the word "for", use 4
- For the word "nothing", use 0 (zero)
- For the word "to", use 2
- For the word "you" use "u"
- For the word "we", use "v"
- For any numbers, type the number
- If permitted, use "&" for and, or "@" for at.
"To be or not to be, that is the question" becomes : 2bOn2BtItQ
Or
"lost is the best Series from 2009" becomes : LsdbSft2&9
A friend of mine asked how to disable password checking against dictionary words in Red Hat using pam here is little how to
Open the following file with your favorite editor /etc/pam.d/system-auth eg # vi /etc/pam.d/system-auth
1) Comment out the line referencing to pam_cracklib
# password optional pam_cracklib.so try_first_pass retry=3
2) Remove "use_authtok" from the line following line.
# password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
This will disable Dictionary password checking when creating or changing passwords.
1 comment:
I am trying to implement password complexity, saw your post and tried following config in the system-auth file:
password requisite pam_pwquality.so try_first_pass retry=3 minlen=9 dcredit=-2 ucredit=-2 lcredit=-2 ocredit=-2 enforce_for_root
password sufficient pam_unix.so md5 shadow nullok try_first_pass
All the conditions are working fine, but the dictionary check is still enabled which I want to remove.
Getting the following msg:
BAD PASSWORD: The password fails the dictionary check - it is based on a dictionary word
Post a Comment