Password Length, Complexity and Password Space :
Uset the PAM pam_cracklib.so module. Access a sample /etc/pam.d/system-auth file here. As a privileged user, modify the pam_cracklib.so parameters in the sample file to implement the system password policy. Relevant parameters are:
minlen: Establishes a minimum acceptable length for user generated passwords. Works in conjunction with the *credit parameters.
difok: Establishes the minimum number of characters by which a new password must differ from the previous password.
lcredit, ucredit, dcredit, and ocredit (lower, upper, digit, other character classes, respectively): Establishes the number of "credits" in a new password for a particular character class, which can be used to modify the minimum required password length for sufficiently "complex" user selections, or to implement password complexity rules. *credit has a default value of 1, which works to reduce the minimum length requirement (minlen) by 1 character for each character class the user chooses in a new password. Thus, by default, if minlen = 8, users can get away with, say, 6 character passwords if they choose characters from 3 out of 4 of the character sets. Setting *credit values to 0 disables the reduction of minlen . Setting minlen < 0 establishes the minimum number of characters from the particular character class that must appear in the new password
