Set Password Policy & Complexity for RHEL 8 & 9 via pam_pwhistory, pam_pwquality & pam_faillock
Issue
- Set the following Password Policy and Complexity requirements in Red Hat Enterprise Linux:
- Keep history of used passwords (the number of previous passwords which cannot be reused).
- Enforce password complexity for root.
- Password size (Minimum acceptable length for the new password).
- Set a limit to the number of digits in the password.
- Set a limit to the number of Upper Case characters in the password.
- Set a limit to the number of Lower Case characters in the password.
- Set a limit to the number of Other characters in the password.
- Set a minimum number of required classes in the password (digits, uppercase, lowercase, others).
- Set a maximum number of allowed consecutive same characters in the password.
- Set a maximum number of allowed consecutive characters of the same class in the password.
- Set the number of characters from the old password that must not be present in the new password.
- Lock account after consecutive failed login attempts.
Environment
- Red Hat Enterprise Linux 8
- Red Hat Enterprise Linux 9
- pam_pwhistory.so
- pam_pwquality.so
- pam_faillock.so
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.