Software :: Password Management - The Password Length Must Be At Least 16 Characters Long
Feb 23, 2010
I have a requirement to set up linux system administrator password with respect to below guidelines... I was lookin at pam_passwdqc but not sure that it all the below mentioned criterias to be acheieved.. Please go thru the below criteria and let me know which utility should i use for it.
1 The password length must be at least 16 characters long.
2 The password must be different from the previous 20 passwords.# Not sure how to acheieve this
3 The password must be changed every 60 days.
4 The password must be different from the user ID. It must not contain any derivatives of the User ID. ]# Not sure how to acheieve this
5 The password must contain characters from 3 of the following 4 classes:
5.1 Upper Case
5.2 Lower Case
5.4 Special Characters (for example: #, $, &, ].....)
I need a little insight, and I�m not sure if the two can relate, but I am trying to find out the following. When generating WEP Keys the available bits are: 64/128/152/256; however, you need 5/13/16/29 character respectfully for each key if you generate the key manually.Can this formula be applied to passwords and the length of the password? For example: if my password had 29 characters, could I say that my password is 256-bits?
hello i am trying to change my password, but when i type in the new password i get this:"The password is longer than 8 characters. On some systems, this can cause problems. You can truncate the password to 8 characters, or leave it as it is."my question is what kind of problem could i get and how can i change so i have to log in every time i start the computer?
When I need to type in the password to get on a wifi network, the "connect" button is grayed out and unclickable until I've typed in 8 characters for the password, making it impossible to connect to networks with shorter passwords. I'm not sure if this problem is unique to 10.10 or not, I've been using linux for a couple years now and I've never tried to connect to a network with such a short password before until last weekend, after my friend figured out how to change his password from the one his ISP set for him.
I'm running Xubuntu 10.10 on an IBM T42 laptop, here's the relevant hardware from the lspci command, 02:01.0 Ethernet controller: Intel Corporation 82540EP Gigabit Ethernet Controller (Mobile) (rev 03) 02:02.0 Network controller: Intel Corporation PRO/Wireless LAN 2100 3B Mini PCI Adapter (rev 04)
I'm really new to Linux so this will probably sound like a pretty naive question to most users, but how do you change the root password?To install Java, I have to type # su into Terminal,which then asks for the password.What's weird is that when I start typing a password, no characters show up. I don't know if this is supposed to happen or not.I've found a bunch of different sites on the Internet that explain how to change the root password, but none of them seem to work for my specific work station.
I've got Ubuntu 9.10 64 bit. In the GRUB boot menu, I can choose to boot normal or in recovery mode (I'm led to believe older versions don't have this option).I've tried typing # sudo passwrd into Terminal, but I already have a root password set up apparently, so I can't change it there.
I'm trying to change the password for an account using the passwd command in Linux. However I'm getting the error:
"BAD PASSWORD: it does not contain enough DIFFERENT characters"
Even though the passwords I'm trying seem pretty safe and complicated enough to me. I googled and think this is controlled by something called cracklib? Don't know for sure though. How can I change the settings for this, perhaps lowering the amount of different characters required, or disabling whatever security setting is causing this error?
In Ubuntu 9.10 is there a way of setting the password to only three characters.If one goes to system, Preferences, About Me, the password can be reset, but it only lets you set it to eight characters, I would prefer three or less.
So in an environment where I have 40+ sets of completely unique sets of logon credentials. The only way I've been able to manage this is by keeping them in a hidden and heavily encrypted text file in my home dir.Would like to hear alternatives to this approach if there are any, BTW. Right now I have a script that automates the process of un-encrypting the file, launching an editor and then clean-up with shred -u after editing and re-encrypting.
What bugs me is the interim where I have the file in an un-encrypted state on my drive. It doesn't seem necessary. I have a view script that allows me to see what's in the file without saving it to the drive.
I have an unreasonably long time to wait from log in, to when my desktop is ready, it takes 40 seconds from hitting enter to seeing my files on the desktop, and about another 15 seconds from then to hearing the opening jingle. It used not to be this way, before it took less than 10 seconds, but about 4 days ago this time shot up suddenly, is there some way to diagnose whats causing this delay?
I would like to restrict a few selected accounts to minimum of 15 characters passwords. Other accounts,however, should still be able to login with 8 character passwords. This is in RHEL 5. Does anyone know how to go about it? I have checked PAM documentation and pam_cracklib.so has an option minlen. As per its documentation, minlen can force users to use 15 characters, but it forces every account on the system. I might be wrong too.
This is mostly an FYI. I have been messing around with an old desktop to see what I could do.
I installed an image of XP, then tried installing Ubuntu. I chose the option to install along side XP, and adjusted the partition size. The install gets to the point where I create my password, and I get exactly 4 characters entered in the first password field and it freezes. It did the same thing on two consecutive installation attempts.
I maintain a samba PDC for a small business, our current setup does not work very well; on a hardware upgrade I directled imported the old ldap database and attempting to add machines to the domain causes all sorts of trouble.
I'm 95% sure the original database (which predates my employment) was created using the idealx smb-ldap tools, unfortunately on our current platform (debian lenny) these tools seem to be broken; the only things hey seem to do reliably are set passwords and add posix users, asking them to do anything involving samba/windows causes errors. The idealx tools seem to be abandoned, and I don't know enough perl to try and fix them.
Since the idealx scripts seem to be abandoned, and most of the good samba+ldap how-tos references the idealx tools, I was wondering what people use nowadays to manage there ldap directories; surely they aren't importing .ldif files to add new users/machines like I've been doing. Are people just writing thier own management scripts/web-apps? Or are the smb=ldap tools just broke on debian?how to generate the NT/LM password hashes and proper SIDs, does anybody have anything they could point me to about this?
I'm seeing really bad user login format under a standard installation and am wondering why ubuntu does this as default. I have noticed that the graphical login for gnome sizes itself to accommodate a user's exact password length. This indicates to me that somewhere on the unencrypted part of a standard installation with user encryption contains at least some indication of the content of the password length which seems a security flaw even if not a complete hole, it majorly reduces the number of attempts a cracker would have to cycle through.
And that's assuming that *only* the length is contained. Furthermore it seems that it would be MUCH better to simply display the number of characters entered into the pw field and allowing the gui to expand itself from an fixed size as the field is filled out so the the user still receives visual feedback for entering characters. Either a simple character count display should be entered into the field or a 10 dot to new line so that one can visually quickly count the number enter by multiplying from a 10base graphical observation.
we are using linux email server axigen past few years. we keep port open ssh and pop,smtp webmail etc. ssh use for remote trouble shooting. so through firewall it is globally accessable. we notice many attacks coming to our machine, also some people try to enter in our system but failure. as example see below a log come in messages file
Mar 17 09:19:50 sa1 sshd(pam_unix): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.8.131.52 user=root how we can secure more. as per my understanding only good long strong password can stop to prevent from attacks.
I am an absolute Linux Beginner who is being required to do a bit of admin work because the boss just fired the old linux admin. Unfortunately, one of our employees cannot remember her password to her email account and as such I need to reset it on our linux server.What I want to check is that this email account is actually a linux user account and I simply will reset the password for it using the passwd command from the root login. Is that correct?
I m Trying to get vsftpd usergroups to work i accidentally moved a file called passwd from /etc/vsftpd/ to /etc/, resulting in my root access is destroyed! how to restore the passwd file so i can keep working, or do i have to re-install the entire box?
I work on a product that have to start automatically an application. Running Opensuse 11.2 So in the inittab I have : 1:2345:once:/root/Velox/VeloxBoot.sh 2:2345:respawn:/sbin/mingetty tty2
In the VeloxBoot.sh, if I don't press any key, my application starts after a timeout. If the user presses a key I want to have a login prompt. Unfortunately, if I start /bin/login, I have a prompt with login, but once I enter my login, it does not ask for a password and it says wrong password
I thought these were the same password?In-fact, they WERE the same password on the set-up I currently have.But now, weirdly, I can log in fine but I the exact same password is not using in order to perform admin tasks.I've tried a recovery mode, console, and then "password (username)" in order to reset the password.This does reset the password I need to use to log in, but the password still does not work for performing admin tasks
I want to give my users option of logging to the system. They should have posibillity for choosing option betweend logging to the system with their default password or one-time password OTPW. I installed OTPW in my Debian. Here is my /etc/pam.d/sshd file:
I have a rather difficult problem. Every time I need root privileges and I am asked to authenticate (i.e. Update Manager, mounting a partition, etc), the password window comes up, shakes and immediately closes, leaving me with no chance to enter a password. What to do?edit: this is NOT the login window, just the little dialog that pops up when you need elevated privileges.
I know this has probably been asked too many times here but I need to secure my emails. Personal matters of course. But yeah. I use the program "Password and Encryption Keys" to generate a key to sign my emails with but I do not know what to do. To be blunt, I'm stupid when it comes to this. IF not, steps in creating a key? and giving it (my public key) to the significant other? Finding where both keys are? Implementing it into Thunderbird? If it helps any here's some extra information: Ubuntu distro: Ubuntu 10.04 Email client: Thunderbird
I am new to using Ubuntu 10.10 that was installed by a friend of mine, but he didn't give me a password for administrator and now when I try to install VLC I am blocked by a password prompt. To make things worse I can't use F1 key, esc key, tab key, 1key (I copy and paste 1 from other pages when I need it). I am at a loss here and all I want is to change the administrator password without validating the current password first.
I have a brand new install.I was doing some housekeeping and made a more sure password.Something went wonky and I got locked out.So I booted to root and changed the password.I'm back in the box now.But, my keyring password no longer matches my user password.So every time I want to do something I am asked for my old password.How do I change my keyring password to match my login password?