Change password policy

[nash11]

When I force the user to change the password , the user will prompt the message (BAD PASSWORD: it is based on a dictionary word) , I understand this is a security reason to probit simple password , but if I want to disable this restriction ( that means the linux system allow any dictionary word ) , what can I do ? thx.

[Janne Pikkarainen]

See file /etc/pam.d/system-auth - the line containing pam_cracklib.so is the one you want to modify. For documentation about pam_cracklib and its options, browse /usr/share/doc/pam-<your-installed-pam-version>.
_________________
Yes, I'm the man. Now it's your turn to decide if I meant "Yes, I'm the male." or "Yes, I am the Unix Manual Page.".

[nash11]

I would like to have one more requirement , the default password length is at least 7 characters, if I want to change the default setting , that the system accept the password length is 6 characters , what can i do ? thx

[Janne Pikkarainen]

Change the pam_cracklib.so minlen parameter in /etc/pam.d/system-auth file.
_________________
Yes, I'm the man. Now it's your turn to decide if I meant "Yes, I'm the male." or "Yes, I am the Unix Manual Page.".

[nash11]

thx reply ,

the password length is Ok now , thx for help.

I would like to ask again , now my system accept the numerics only or characters only password , for example , the password can be 741852 ( all numerics ) or poiuyt ( all characters ) , if I want to control the password MUST have BOTH characters AND numerics , what can I do ? thx

[Janne Pikkarainen]

Not to be rude or anything, but did you read at all the documentation I pointed you at earlier?

Anyway, this is a copy-paste from /usr/share/doc/pam-<my-pam-version>/txt/README.pam_cracklib.gz: