Enforcing Password Complexity on CentOS 7
In this scenario, we are going to learn how to enforce password complexity policy on CentOS 7 and similar derivatives.
As you realize, the traditional way of using passwords is still the major method of authenticating to various services.
As a result, it is a good idea for every system admin to ensure that strong password policy is enforced since it is always the first line of defense security wise.
Objectives of this Scenario
- Enforce password complexity policy on CentOS 7 and similar derivatives using pwquality Pluggable Authentication Module.
- Disable password re-use using pwhistory PAM module
Reference
- man pam_pwquality
- man pam_pwhistory
- MODESINGLEPLAYER
- TYPECCL
- DIFFICULTYINTERMEDIATE
- TIME90 MINUTES
- COST10 CRYSTALS