Recently i got the task to implement following password policies on SLES (SUSE Linux Enterprise Server) 11.x

  • Minimum password length should be 10 characters
  • Password should have one UPPERCASE Character
  • Password should have one LOWERCASE Character
  • Password should have one Numeric Character
  • Minimum Passwords to Remember or Password History is 4
  • Accounts should be lockout after 5 attempts.

These password policies can implemented using pam file “/etc/pam.d/common-password

First take the back up of common-password file .

# cd /etc/pam.d/
# cp common-password common-password.bak

Edit the file “/etc/pam.d/common-password” ,comment out the default modules and add the followings lines.

password required dcredit=-1 ucredit=-1 lcredit=-1 minlen=10 retry=5
password required use_authtok remember=4 retry=5
password required nullok use_authtok md5

Save & exit the file.

Now onwards, we can’t use the simple passwords, System will accepts only those passwords which satisfy above parameters.