Linux How To Set Password Rules and Policies
Summary
TLDRThis Linux tutorial demonstrates how to set password rules for user accounts on a Linux system. The video starts by creating a user with a simple '123' password, then moves on to installing the 'libpam-pwquality' library to enforce stronger passwords. It guides viewers through editing the '/etc/pam.d/common-password' file to set minimum password length, require uppercase letters, lowercase letters, digits, and special characters. The tutorial shows how to apply these rules by attempting to change a user's password, illustrating the enforcement of the newly set criteria.
Takeaways
- 😀 The tutorial demonstrates how to set password rules in Linux to enhance security.
- 🛠️ The 'adduser' command is used to create a new user in Linux, but it allows weak passwords by default.
- 🔒 To enforce stronger passwords, a password quality check library must be installed, such as 'libpam-pwquality'.
- 📚 The '/etc/pam.d/common-password' file is where password rules can be configured in Debian-based systems.
- ✏️ Editing the 'common-password' file with root privileges allows setting various password requirements.
- 🔡 The minimum password length can be set by adding 'minlen' followed by the desired number of characters.
- 🔑 The 'ucredit', 'lcredit', 'dcredit', and 'ocredit' options can be used to enforce the inclusion of uppercase letters, lowercase letters, digits, and special characters, respectively.
- 🚫 The script shows that passwords not meeting the new rules will be rejected, prompting users to create stronger passwords.
- 🔄 After making changes to the 'common-password' file, the system will reflect these rules for new passwords.
- 🔄 The tutorial suggests that users can experiment with different options to create a customized set of password rules.
- 🙏 The presenter expresses gratitude for viewing the tutorial and hopes it was informative.
Q & A
What is the purpose of the tutorial?
-The purpose of the tutorial is to demonstrate how to set password rules in Linux to enhance security by adding complexity to user passwords.
What command is used to create a new user in Linux?
-The command used to create a new user in Linux is 'adduser', which should be executed with root privileges.
Why is the initial password '1 2 3' considered weak?
-The initial password '1 2 3' is considered weak because it lacks complexity, being a simple sequence of numbers without any uppercase, lowercase, or special characters.
What is the 'libpam-pwquality' package and why is it needed?
-The 'libpam-pwquality' package is a password quality check library used in Linux to enforce password rules. It is needed to set up and enforce password policies.
How can you install the 'libpam-pwquality' package on a Debian-based system?
-You can install the 'libpam-pwquality' package on a Debian-based system using the command 'apt-get install libpam-pwquality' with updates.
What file needs to be edited to set password rules in Linux?
-The file that needs to be edited to set password rules in Linux is '/etc/pam.d/common-password'.
What does the 'minlen' option do in the password rules configuration?
-The 'minlen' option in the password rules configuration sets the minimum length requirement for passwords.
How can you enforce a password to have at least one uppercase character?
-To enforce a password to have at least one uppercase character, you can add the option 'ucredit=-1' to the configuration line in the 'common-password' file.
What does the 'lcredit' option represent in the password rules?
-The 'lcredit' option in the password rules represents the requirement for lowercase characters in a password.
How can you require a password to have at least one digit?
-To require a password to have at least one digit, you can replace 'lcredit' with 'dcredit' and set it to '-1' in the configuration line.
What is the effect of adding 'ocredit=-1' to the password rules?
-Adding 'ocredit=-1' to the password rules enforces the requirement for at least one special character in the password.
Outlines
🛠️ Setting Password Rules in Linux
This paragraph introduces a Linux tutorial focused on establishing password rules for user accounts. The speaker demonstrates creating a user named 'gems' with a weak password ('1 2 3') and then discusses the necessity of a password quality check library. They proceed to install this library on a Debian distribution using the command 'apt-get install libpam-pwquality'. The goal is to enhance password security by setting rules within the '/etc/pam.d/common-password' file, starting with a minimum password length of 12 characters.
🔒 Enhancing Password Complexity in Linux
The second paragraph delves deeper into customizing password rules by editing the '/etc/pam.d/common-password' file. The speaker outlines how to enforce a password to include at least one uppercase letter by adding 'retry=3 minlen=12 difok=1 ucredit=-1' to the configuration line. They also explain how to require lowercase letters and digits, using 'lcredit' and 'dcredit' options respectively. Additionally, the speaker shows how to mandate the inclusion of special characters by setting 'ocredit=-1'. The paragraph concludes with a reminder to save changes and observe their effects on new user password requirements.
Mindmap
Keywords
💡Linux
💡Password Rules
💡User Creation
💡Root Privileges
💡Password Quality Check Library
💡Debian Distribution
💡/etc/pam.d
💡Minimum Length
💡Uppercase Letters
💡Special Characters
💡Numerical Values
Highlights
Introduction to setting password rules in Linux.
Creating a user with the 'adduser' command and setting a weak password.
The importance of password complexity and security.
Installing the 'libpam-pwquality' library for password quality checks.
Accessing the '/etc/pam.d' directory to modify password rules.
Editing the 'common-password' file to set minimum password length.
Setting a minimum password length of 12 characters.
Demonstration of attempting to change a password with less than the required length.
Adding a rule to require at least one uppercase character in the password.
Receiving an error message for not meeting the new password requirements.
Modifying rules to include at least one lowercase character.
Adding a requirement for at least one digit in the password.
Including a special character as part of the password requirements.
Customizing password rules with multiple options for enhanced security.
The necessity of saving changes to reflect new password rules.
Conclusion and thanks for viewing the tutorial.
Transcripts
hello youtube and welcome to another
Linux tutorial so today I'm going to
show you how to set password rules in
Linux so are you ready let's get started
so let's say for example you want to
create a user
so here I'll use the command add user
with root privileges so add user and
let's call it for example gems so here
I'm adding the user called gems so as
you can see it's asking me for a
password so here actually I can put
whenever password I want whenever land
whenever it's upper case or lower case
or anyone or anything I want so for
example I can just enter 1 2 3
and retype it 1 2 3 and it will accept
it
so the user gems has been created using
just password which is a very weak
password one two three so let's say that
we want to change the rule we want to
add more functionality more complexity
to these passwords so in order to do
that the first thing is to make sure
that you have installed what we call a
password quality check library so I will
install it with updates because I'm
using a Debian distribution here
applicate install then the lip ban -
quality check actually password quality
so this is the the level that they
should have be installed
and I hit enter
so it's to see if the library is distort
on that
and if not it will be solid so this is
the first step in order to set up rules
okay so now the library is installed now
I must go to specific actually five and
open it so like I can add my rules so I
will go to a directory called slash etc
slash Bam dot d okay so if I do list
here I can see a bunch of files okay but
there is a very interesting file that I
am going to change in order to set up my
rules which called common password as
you can see here so in order to edit
this file I should have read privileges
so I will just open it using the root
privileges within it editor I want here
I want to use for example Nano
and I'm gonna open this file which is
common password so as you can see here
it is very simple file
so let's say for example that we want to
set the minimum land of the passwords to
12 characters so I'll go to this line
here and just at the end I'll add space
and our right men men land take all to
whenever length I want for example here
I want to set it to 12 okay
so save my file control x2 yes and hit
enter
so now let's change the password for the
user chaps so the current for that case
password
[Music]
and the name of my user which is temps
so here it asking me the new password so
let's give it just for example four
characters and I hit enter as you can
see now it telling me it's a bad
password because we have set up the land
for 12 characters just exit
so I would open once again by five and
this time let's say for example that our
password must have at least one new per
character so I can add to the same line
new parameter I can delete this one so
let's say that we the lead is not
interesting so in order your password to
have at least one
yooper case we have to add option you
credit equal to minus one okay so now
the password must have at least one you
per characters all save yes and hit
enter and simply English changes so
let's just enter some characters so as
you can see now it gave me the message
that the password must contain at least
one upper case letter okay so just
accept over to the my file so you can
add many options that you want your line
here so for example if you want that
password contains at least one lowercase
character see how just to replace to you
with el el credit and always integral
minus one okay if you want your password
to have actually at least one digit so
one numerical value so you press the you
can replace the L by D default digit so
this time your password must have must
have at least one numerical value
if you want I can add money option for
example I want my password to have at
least one digit and at least one special
character so I can add other character
with opportunity or credit equal -1 ok
so in this case my password must have at
least one numerical value one digit and
plus one special character so you can
play with this option as many times as
you want in order to set up rules for
your passwords ok but always you have to
save the file and you will see that the
changes that you have made to this file
actually are reflected to the new
password that you must create for your
new users as always I hope it has been
informative for you and I want to thank
you for viewing but I
تصفح المزيد من مقاطع الفيديو ذات الصلة
How to set password on Computer Desktop | Laptop | Windows 10
How to Set Password on Windows 11 or 10 PC!
[Legacy] Use Firebase for Auth in Wized
Password Security - CompTIA Security+ SY0-701 - 4.6
Why Is It Important to Create Strong Passwords? | Internet Safety | What Is a Good Password?
CARA INSTALL UBUNTU 20.04.1 DI VIRTUALBOX || IT TUTORIAL
5.0 / 5 (0 votes)