pam_passwdqc —
Password quality-control PAM module
[
service-name]
module-type
control-flag
pam_passwdqc
[
options]
The
pam_passwdqc module is a simple password
strength checking module for PAM. In addition to checking regular passwords,
it offers support for passphrases and can provide randomly generated ones.
The
pam_passwdqc module provides functionality for
only one PAM management group: password changing. In terms of the
module-type parameter, this is the
“
password
” feature.
The
pam_chauthtok() service function may ask the
user for a new password, and verify that it meets certain minimum standards.
If the chosen password is unsatisfactory, the service function returns
PAM_AUTHTOK_ERR
.
The set of options that may be passed to the module is exactly the same as the
set of options that may be specified in the configuration file (suggested
location
/etc/passwdqc.conf, to be specified in
the
config=/etc/passwdqc.conf option). These
options are described in
passwdqc.conf(5).
pam.conf(5),
passwdqc.conf(5),
pam(8).
https://www.openwall.com/passwdqc/
The
pam_passwdqc module was written for Openwall
GNU/*/Linux by
Solar Designer ⟨solar
at openwall.com⟩. This manual page was written for the
FreeBSD Project by ThinkSec AS and NAI Labs, the
Security Research Division of Network Associates, Inc. under DARPA/SPAWAR
contract N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS
research program. It has since been revised, most importantly to refer to
passwdqc.conf(5) instead of describing the
options right on this page.