The sys admin's daily grind: pwquality

Strong Passwords

Article from Issue 239/2020

Regular password changes are a thing of the past: Strong passwords for each individual service provide more protection. Charly pimped his Ubuntu accordingly with a suitable PAM module.

Changing the password regularly, about every 60 or 90 days, is now considered obsolete. It is better to use a separate strong password for each service and each login. The requirement for how strong (i.e., how complicated) a password must be is something that – at least on your own systems – you can define yourself.

On my test machine with Ubuntu, I can use almost any simple password I want – that has to change. To make sure it does, I first have to install the pwquality PAM library:

$ sudo apt install libpam-pwquality


Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Balancing Act

    CLI tools for generating passwords have many options that can help you strike a balance between ease of use and security.

  • Charly's Column

    Easy to remember but still safe – this is the classic conflict when it comes to choosing a password. The PWGen tool offers a sensible compromise.

  • Password Tools

    Create secure passwords with the help of a password generator and check for quality at the same time.

  • Security Lessons: Passwords

    Keeping track of all your passwords can be tricky. Kurt says: Keep your friends close and your passwords closer.

  • Charly's Column

    Users log on to services such as SSH, ftp, SASL, POP3, IMAP, Apache htaccess, and many more using their names and passwords. These popular access mechanisms are a potential target for brute-force attacks. An attentive bouncer will keep dictionary attacks at bay.

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95