How To Set User Password Policy On CentOS / Redhat 7

This is important to change the default password policy on the Linux system. By default, there’s no password policy applied in Linux and So you can set user and create password policy by editing in those files /etc/pam.d/system-auth and /etc/pam.d/password-auth.

Check Out: How To Check User Account Locked or Not In Linux

You can force the user to change their password at first login with chage command and also set the expiration of the user account. To check, all the information about the user, use this command lslogins username. 

How To Set User Password Policy On CentOS 7:

Carefully change these settings in the files, I would suggest you try this setting on a user before applying on the root users. User management plays a vital role in Linux. you should not that.

You may find all the files here /etc/pam.d/

Requirement 1: set the minimum length, insert the below line if does not exist in this file vim /etc/security/pwquality.conf

minlen = 9

Requirement 2: keep the history of the password used on the system and you need to insert the below line in this file /etc/pam.d/system-auth and /etc/pam.d/password-auth (after pam_pwquality.so line).

password    requisite    pam_pwhistory.so  remember=5   use_authtok

Check Out: Create User And Group Using Command line

Requirement 3 : After enabling pam_pwquality.so in password-auth and system-auth, now add these parameters in /etc/security/pwquality.so

minlen=15

minlen = Minimum length

dcredit=-1

dcredit = Minimum credit for having required digit in password

ucredit=-1

ucredit = Minimum credit for having an uppercase character in the password

ocredit=-1

ocredit = Minimum credit for having another character in the password

lcredit=-1

lcredit = Minimum credit for having a lowercase character in the password

Requirement 4: you can also force root to password complexity by editing in this file /etc/security/pwquality.conf

enforce_for_root

You’re done create password policy linux

Share on:

I'm the founder of Curious Viral. I hope this blog will provide you complete information about Linux Technology & I would like to share my technical knowledge with you which I have learned during this period.

Other Posts You May Like...

Leave a comment