Hitachi CE50-10 Instruction Manual page 82

5. Configuring Software Environment
• Password expiration date
(1) Setting password conditions
This function ensures that only passwords that satisfy security conditions are used.
You can specify the following security conditions:
• Password length (minimum required number of characters)
• Combination of characters (uppercase letters, lowercase letters, numbers, and symbols)
• Check of whether the password was previously used
By default, nothing is specified. Specify conditions that meet your security requirements. Note that the Ubuntu's
standard password policy always takes effect; the password must be at least 8 characters, must include at least 5
different types of characters, and must not be an easily guessable word such as password, qwerty, or hitachi.
1. To set this function, edit the configuration file.
$ sudo vi /etc/pam.d/common-password
2. In the common-password file, check the lines after # password policy configuration.
# password policy configuration
#Example: password
credit=-1 dcredit=-1 ocredit=-1 reject_username enforce_for_root
password requisite
You can specify password conditions by adding options after password requisite pam_pwquality.so
retry=3.
Table 5‒14: List of password condition setting options below shows the options that can be set.
Table 5‒14: List of password condition setting options
No.
1 minlen
2 ucredit
3 lcredit
dcredit
4
5 ocredit
6 reject_username
7 enforce_for_roo
t
#: If minlen is also specified, set a value multiplied by -1 (example: ucredit=-1).
3. The following shows a detailed example of password conditions.
66
requisite
pam_pwquality.so retry=3
Option
Sets the password length (minimum required number of characters).
If minlen=8 is set, the password must contain at least eight characters.
Sets the minimum number of uppercase alphabetic letters that a password must
contain.
If ucredit=1 is set, the password must contain at least one uppercase alphabetic
#
letter.
Sets the minimum number of lowercase alphabetic letters that a password must
contain.
If lcredit=1 is set, the password must contain at least one lowercase alphabetic
#
letter.
Sets the minimum number of numbers that a password must contain.
If dcredit=1 is set, the password must contain at least one number.
Sets the minimum number of symbols that a password must contain.
If ocredit=1 is set, the password must contain at least one symbol.
Checks whether the password contains a user name.
If you specify this option, the password cannot contain a user name.
Applies the same conditions to the root user.
pam_pwquality.so retry=3 minlen=8 ucredit=-1 l
Description
#