Hello Gurus: Thanks to Philippe Vogel, pointing me about some tips with cracklib. For anyone interested tt's working now this way: I needed to restrict the length of passwords to 8 chars min, 32 chars max Combination of letters (upcase,lowercase) and numbers and/or others Not to reuse the last 12 passwords /etc/security/pam_pwcheck.conf : password: minlen=8 cracklib nullok md5 remember=12 /etc/default/passwd: CRYPT=md5 CRYPT_FILES=md5 BLOWFISH_CRYPT_FILES=10 CRYPT_YP=des /etc/pam.d/passwd #%PAM-1.0 auth required pam_unix2.so nullok account required pam_unix2.so password required pam_passwdqc.so retry=3 ask_oldauthtok min=disabled,disabled,disabled,8,8 random=32 max=32 password required pam_pwcheck.so use_authtok password required pam_unix2.so use_first_pass use_authtok session required pam_unix2.so If there's a better way, please let me know Greetings Oxiel

I need to make that my users put at least 1 number and 1 upper case letter in their 8 characters long passwords's.

I've read all the docs, readmes and mans, and searched google for examples, follow them, it should be working already but not clue why not.

My files are:

/etc/security/pam_pwcheck.conf : password: minlen=8 cracklib nullok blowfish debug remember=12

/etc/security/pam_unix2.conf : auth: account: password: session: none

/etc/default/passwd: CRYPT=blowfish CRYPT_FILES=blowfish BLOWFISH_CRYPT_FILES=10 CRYPT_YP=des

/etc/pam.d/passwd : #%PAM-1.0 auth required pam_unix2.so nullok account required pam_unix2.so password required pam_cracklib.so retry=3 debug ucredit=-1 dcredit=-1 ocredit=0 lcredit=0 minlen=8 password required pam_pwcheck.so use_authtok password required pam_unix2.so use_first_pass use_authtok session required pam_unix2.so

Best Regards

Oxiel