[wplug] Security Policy
Bob Schmertz
rschmertz at speakeasy.net
Thu Jun 5 23:55:11 EDT 2003
You might also have a look at
http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam.html .
Bob Schmertz incurred the wrath of Bob on Jun 5, by saying
>Scott Eicher incurred the wrath of Bob on Jun 5, by saying
>
>>
>>Hello all,
>>
>[snip general request mentioning that this is Red Hat]
>>
>>Force users to create an 8 digit alpha numeric "strong" password and not
>>accept simple passwords or dictionary passwords.
>
>The passwd utility does give warnings, but I couldn't find a way to
>actually make it force the use of certain types of passwords.
>
>>Do not allow users to set a password that was used in the last year and
>>prevent users from changing a newly created password for 2 days.
>
>chage takes care of the second half of this one, but I don't know about
>the first. Out of curiosity, why would you want to prevent a user from
>updating his password twice in a short period of time?
>
>>When we set a user's password we need it to expire and prompt the user for a
>>new password upon logging in.
>>Lock user accounts after 3 unsuccessful attempts to login.
>
>Don't know.
>
>>Users must be forced to change their password every 30 days.
>
>Again, chage.
>
>Couldn't find any info about the others. I've never had to implement
>password policies, so I don't know much about it. Anyone should feel
>free to add to this.
>
>
--
Cheers,
Bob Schmertz
More information about the wplug
mailing list