HPE Community
Operating System - Linux
1820879 Members
5149 Online
109628 Solutions
New Discussion юеВ

Re: change password

 
peterchu1
New Member

тАО03-09-2004 02:10 AM

тАО03-09-2004 02:10 AM

change password

Hi,

I was wondering if anyone else has had this problem? Does anyone know
of a fix for this problem?

When a regular user tries to change their password, using the "passwd"
command, the new password is rejected with a "bad password" message.
This happens even though the new password is definitely not a
dictionary word:

[grover kumkwat grover]$ passwd
Changing password for grover
(current) UNIX password:
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
passwd: Authentication token manipulation error

Root can change the user's password, but still gets the same "bad
password" message on the first try. The password is changed if root
re-enters the "bad password":

[root kumkwat grover]# passwd grover
Changing password for user grover
New UNIX password:
BAD PASSWORD: it is based on a dictionary word
Retype new UNIX password:
passwd: all authentication tokens updated successfully


but the users always compliant the message , how can I disable it ? thx
0 Kudos
Reply
4 REPLIES 4
Jerome Henry
Honored Contributor

тАО03-09-2004 02:21 AM

тАО03-09-2004 02:21 AM

Re: change password

You can get some useful information
at:http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam-6.html#ss6.2
(Cracklib pluggable password strength-checker)

Collect the modified parameter for your needing (difok=x, minlen=y, and so on) and
tail them at:
password required /lib/security/pam_cracklib.so retry=3
in the file /etc/pam.d/passwd


But dictionnary based passwords are bad passwords, even if they are long... Could you provide an example of 'good password' that provides this message ?
Thanks to assign points if useful...

J
You can lean only on what resists you...
0 Kudos
Reply
Nat Guyton
Advisor

тАО03-09-2004 07:50 AM

тАО03-09-2004 07:50 AM

Re: change password

If you *REALLY* want to disable poor password checking (though it seems broken on your system), remove the line that has pam_cracklib.so from /etc/pam.d/system-auth.

Is is strange that good passwords are causing problems, though. If using redhat, try running "up2date pam" - I am running pam-0.75-51 on AS 3.0 and pam-0.75-46.7.3 on AS 2.1.
Never underestimate the bandwidth of a station wagon filled with backup tapes
0 Kudos
Reply
peterchu1
New Member

тАО03-09-2004 10:15 AM

тАО03-09-2004 10:15 AM

Re: change password

I just want to disable the message "BAD Password " because this message is non useful to users , if good password , there will no message pop up.
0 Kudos
Reply
Stuart Browne
Honored Contributor

тАО03-09-2004 03:35 PM

тАО03-09-2004 03:35 PM

Re: change password

You can either disable good/bad password checking like has been mentioned already in the thread, or unfortunately just live with it.

I suppose the other options would be to yank the source for 'passwd', and pull out the 'BAD PASSWORD:' bits and recompile yourself..
One long-haired git at your service...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.