CentOS Server Password Rule customization

With the widespread use of Linux, the security requirements for Linux users and systems are increasing, and user password complexity is the primary embodiment of system security.
So how to restrict the password of the user under Linux to ensure that the user must use the complex password, prevent the user to use the simple password freely, thus improve the user's security and the system security.

To modify the default password rules for the server, you need to modify the/etc/pam.d/system-auth file
As follows:
Modify the/etc/pam.d/system-auth file to change the file

Password requisite pam_cracklib.so try_first_pass retry=3

Password sufficient pam_unix.so MD5 shadow Nullok try_first_pass Use_authtok

Modified to:

Password requisite pam_cracklib.so try_first_pass retry=3 minlen=8 ucredit=-2 lcredit=-4 dcredit=-1 ocredit=-1< /c1>

Password sufficient pam_unix.so MD5 shadow Nullok try_first_pass use_authtok remember=5

The above modification parameters indicate the following rules to follow when setting the password:

Minlen=8 Minimum password length is 8 bits
Ucredit=-2 with at least 2 uppercase letters
lcredit=-4 minimum of 4 lowercase characters
Dcredit=-1 minimum of 1 digits
Ocredit=-1 Minimum of 1 symbols
remember=5 password last 5 times cannot be reused

This way, the password is set according to the custom rules, and there will be some improvements in secure login!

CentOS Server Password Rule customization