Set Password Minimum Length in login.defs
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
Description
To specify password length requirements for new accounts, edit the file
/etc/login.defs
and add or correct the following line:
The DoD requirement is 15
.
The FISMA requirement is 12
.
The profile requirement is
12
.
If a program consults /etc/login.defs
and also another PAM module
(such as pam_pwquality
) during a password change operation, then
the most restrictive must be satisfied. See PAM section for more
information about enforcing password quality requirements.
Rationale
Requiring a minimum password length makes password
cracking attacks more difficult by ensuring a larger
search space. However, any security benefit from an onerous requirement
must be carefully weighed against usability problems, support costs, or counterproductive
behavior that may result.