1) Install the libpam-pwquality package
sudo apt updatesudo apt install libpam-pwquality
2) Edit the PAM password configuration file open the /etc/pam.d/common-password file for editing:
sudo nano /etc/pam.d/common-password
3) Add or modify the pwquality settings:
password requisite pam_pwquality.so retry=3password requisite pam_pwquality.so retry=3 minlen=12 dcredit=-1 ucredit=-1 lcredit=-1 ocredit=-1
retry=3: Allows 3 retries if the user enters an invalid password.minlen=12: Requires a minimum password length of 12 characters.dcredit=-1: Requires at least 1 digit.ucredit=-1: Requires at least 1 uppercase letter.lcredit=-1: Requires at least 1 lowercase letter.ocredit=-1: Requires at least 1 special character (e.g., @, #, $).
4) Optional: Add additional password strength rules:
sudo nano /etc/security/pwquality.conf
Here you can add options like:minlen = 12dcredit = -1ucredit = -1lcredit = -1ocredit = -1maxrepeat = 2 # Prevent repeated charactersmaxclassrepeat = 2 # Prevent excessive character class repetition
5) Save and exit: After editing
6) Test the configuration:
sudo passwd <username>
- https://chatgpt.com/share/6708c50a-d480-8010-8ea4-418483178302
