The sys admin's daily grind: pwquality

Strong Passwords

Article from Issue 239/2020
Author(s):

Regular password changes are a thing of the past: Strong passwords for each individual service provide more protection. Charly pimped his Ubuntu accordingly with a suitable PAM module.

Changing the password regularly, about every 60 or 90 days, is now considered obsolete. It is better to use a separate strong password for each service and each login. The requirement for how strong (i.e., how complicated) a password must be is something that – at least on your own systems – you can define yourself.

On my test machine with Ubuntu, I can use almost any simple password I want – that has to change. To make sure it does, I first have to install the pwquality PAM library:

$ sudo apt install libpam-pwquality

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Strong Passwords

    Regular password changes are a thing of the past: Strong passwords for each individual service provide more protection. Charly pimped his Ubuntu accordingly with a suitable PAM module.

  • System Hardening

    A good reputation does not protect your Linux systems from attack. We'll show you some tips for detecting and warding off intruders.

  • Balancing Act

    CLI tools for generating passwords have many options that can help you strike a balance between ease of use and security.

comments powered by Disqus