Host OS User Password Policy

You can configure a password policy for different user accounts on the host OS. Use the following command to set a password policy:

$ cat /etc/security/pwquality.conf

Based on the policy, a password must meet the following criteria:

  • Minimum 14 characters in length.

  • Contain at least one lowercase character.

  • Contain at least one uppercase character.

  • Contain at least one numeric character.

  • Contain at least one special character.

  • Password must not be too simplistic or based on dictionary word.

  • Do not re-use passwords.

    Use the following commands to configure the number of passwords to keep in history:

    $ cat /etc/pam.d/common-password
    password required  pam_pwhistory.so use_authtok remember=5
  • Minimum number of days that are allowed between password changes is seven.