https://community.hpe.com/t5/operating-system-linux/change-password/m-p/3213471#M10562 Hi,<BR /><BR />I was wondering if anyone else has had this problem? Does anyone know<BR />of a fix for this problem?<BR /><BR />When a regular user tries to change their password, using the "passwd"<BR />command, the new password is rejected with a "bad password" message.<BR />This happens even though the new password is definitely not a<BR />dictionary word:<BR /><BR />[grover kumkwat grover]$ passwd<BR />Changing password for grover<BR />(current) UNIX password:<BR />New UNIX password:<BR />BAD PASSWORD: it is based on a dictionary word<BR />New UNIX password:<BR />BAD PASSWORD: it is based on a dictionary word<BR />New UNIX password:<BR />BAD PASSWORD: it is based on a dictionary word<BR />passwd: Authentication token manipulation error<BR /><BR />Root can change the user's password, but still gets the same "bad<BR />password" message on the first try. The password is changed if root<BR />re-enters the "bad password":<BR /><BR />[root kumkwat grover]# passwd grover<BR />Changing password for user grover<BR />New UNIX password:<BR />BAD PASSWORD: it is based on a dictionary word<BR />Retype new UNIX password:<BR />passwd: all authentication tokens updated successfully<BR /><BR /><BR />but the users always compliant the message , how can I disable it ? thx<BR /> Tue, 09 Mar 2004 10:10:56 GMT peterchu1 2004-03-09T10:10:56Z https://community.hpe.com/t5/operating-system-linux/change-password/m-p/3213471#M10562 Hi,<BR /><BR />I was wondering if anyone else has had this problem? Does anyone know<BR />of a fix for this problem?<BR /><BR />When a regular user tries to change their password, using the "passwd"<BR />command, the new password is rejected with a "bad password" message.<BR />This happens even though the new password is definitely not a<BR />dictionary word:<BR /><BR />[grover kumkwat grover]$ passwd<BR />Changing password for grover<BR />(current) UNIX password:<BR />New UNIX password:<BR />BAD PASSWORD: it is based on a dictionary word<BR />New UNIX password:<BR />BAD PASSWORD: it is based on a dictionary word<BR />New UNIX password:<BR />BAD PASSWORD: it is based on a dictionary word<BR />passwd: Authentication token manipulation error<BR /><BR />Root can change the user's password, but still gets the same "bad<BR />password" message on the first try. The password is changed if root<BR />re-enters the "bad password":<BR /><BR />[root kumkwat grover]# passwd grover<BR />Changing password for user grover<BR />New UNIX password:<BR />BAD PASSWORD: it is based on a dictionary word<BR />Retype new UNIX password:<BR />passwd: all authentication tokens updated successfully<BR /><BR /><BR />but the users always compliant the message , how can I disable it ? thx<BR /> Tue, 09 Mar 2004 10:10:56 GMT https://community.hpe.com/t5/operating-system-linux/change-password/m-p/3213471#M10562 peterchu1 2004-03-09T10:10:56Z https://community.hpe.com/t5/operating-system-linux/change-password/m-p/3213472#M10563 You can get some useful information<BR />at:<A href="http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam-6.html#ss6.2" target="_blank">http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam-6.html#ss6.2</A><BR />(Cracklib pluggable password strength-checker)<BR /><BR />Collect the modified parameter for your needing (difok=x, minlen=y, and so on) and<BR />tail them at:<BR />password required /lib/security/pam_cracklib.so retry=3<BR />in the file /etc/pam.d/passwd<BR /><BR /><BR />But dictionnary based passwords are bad passwords, even if they are long... Could you provide an example of 'good password' that provides this message ?<BR />Thanks to assign points if useful...<BR /><BR />J Tue, 09 Mar 2004 10:21:26 GMT https://community.hpe.com/t5/operating-system-linux/change-password/m-p/3213472#M10563 Jerome Henry 2004-03-09T10:21:26Z https://community.hpe.com/t5/operating-system-linux/change-password/m-p/3213473#M10564 If you *REALLY* want to disable poor password checking (though it seems broken on your system), remove the line that has pam_cracklib.so from /etc/pam.d/system-auth.<BR /><BR />Is is strange that good passwords are causing problems, though. If using redhat, try running "up2date pam" - I am running pam-0.75-51 on AS 3.0 and pam-0.75-46.7.3 on AS 2.1. Tue, 09 Mar 2004 15:50:49 GMT https://community.hpe.com/t5/operating-system-linux/change-password/m-p/3213473#M10564 Nat Guyton 2004-03-09T15:50:49Z https://community.hpe.com/t5/operating-system-linux/change-password/m-p/3213474#M10565 I just want to disable the message "BAD Password " because this message is non useful to users , if good password , there will no message pop up. Tue, 09 Mar 2004 18:15:11 GMT https://community.hpe.com/t5/operating-system-linux/change-password/m-p/3213474#M10565 peterchu1 2004-03-09T18:15:11Z https://community.hpe.com/t5/operating-system-linux/change-password/m-p/3213475#M10566 You can either disable good/bad password checking like has been mentioned already in the thread, or unfortunately just live with it.<BR /><BR />I suppose the other options would be to yank the source for 'passwd', and pull out the 'BAD PASSWORD:' bits and recompile yourself.. Tue, 09 Mar 2004 23:35:40 GMT https://community.hpe.com/t5/operating-system-linux/change-password/m-p/3213475#M10566 Stuart Browne 2004-03-09T23:35:40Z