Re: Implementing Security Policies

n 6/23/06, Bhaskar abc.bhaskar@gmail.com wrote:

Dear Stephen,

Thanks for responding.

My security policies include something as below:

setting minimum password length. setting number of retry attempts for the password. setting password history, etc.

In FC3, I tried by changing MIN_PASS_LEN=5 in /etc/login.defs files and also included minlen=5 parameter in /etc/pam.d/system-auth file.

THat is correct. You will also need to run through /etc/shadow and make sure that any account with passwords has the correct values in them also.

Password history you will need to use the pam_passwdqc moduel in pam.

Most security policies will ask for a minimum length of 7 characters (though 8 is preferred), and a change time of 90 days.