Discussion:
BAD PASSWORD: it is based on a dictionary word
Mike O'Neill
2003-12-01 17:37:15 UTC
Permalink
A non-root user is trying to change their password but cannot because of the
message:

BAD PASSWORD: it is based on a dictionary word

They swear its not true. Anyways, I was just curious where (if anywhere)
the config file lies for this functionality. Do you know? -mike
Steven Pierce
2003-12-01 17:37:15 UTC
Permalink
Mike,

Yes, that is a message. I did a change of a new uers passwd last night. I kept getting this
message also. Type the passwd again, and hit enter. It will tell you that it has taken.

I was also getting a message that it was a word in the dict. It was a persons name
that I was using.

S
*********** REPLY SEPARATOR ***********
Post by Mike O'Neill
A non-root user is trying to change their password but cannot because of the
BAD PASSWORD: it is based on a dictionary word
They swear its not true. Anyways, I was just curious where (if anywhere)
the config file lies for this functionality. Do you know? -mike
Tim Potter
2003-12-01 17:37:15 UTC
Permalink
Post by Mike O'Neill
A non-root user is trying to change their password but cannot because of the
BAD PASSWORD: it is based on a dictionary word
They swear its not true. Anyways, I was just curious where (if anywhere)
the config file lies for this functionality. Do you know? -mike
It should be in your pam configuration somewhere. If you're
using linux look in /etc/pam.d/passwd. There should be a line
like:

password required pam_cracklib.so retry=3 minlen=6 difok=3

which does the dictionary word checking stuff.


Tim.
Mike O'Neill
2003-12-01 17:37:15 UTC
Permalink
Steven, yes I know about that. On this RH7 system, the root user is not
stopped from changing the password however the regular user is. -m
Post by Steven Pierce
Mike,
Yes, that is a message. I did a change of a new uers passwd last night. I
kept getting this
message also. Type the passwd again, and hit enter. It will tell you that it
has taken.
I was also getting a message that it was a word in the dict. It was a persons
name
that I was using.
S
*********** REPLY SEPARATOR ***********
Post by Mike O'Neill
A non-root user is trying to change their password but cannot because of the
BAD PASSWORD: it is based on a dictionary word
They swear its not true. Anyways, I was just curious where (if anywhere)
the config file lies for this functionality. Do you know? -mike
Steven Pierce
2003-12-01 17:37:15 UTC
Permalink
ok.. I was root also..

*********** REPLY SEPARATOR ***********
Post by Mike O'Neill
Steven, yes I know about that. On this RH7 system, the root user is not
stopped from changing the password however the regular user is. -m
Post by Steven Pierce
Mike,
Yes, that is a message. I did a change of a new uers passwd last night. I
kept getting this
message also. Type the passwd again, and hit enter. It will tell you that it
has taken.
I was also getting a message that it was a word in the dict. It was a persons
name
that I was using.
S
*********** REPLY SEPARATOR ***********
Post by Mike O'Neill
A non-root user is trying to change their password but cannot because of the
BAD PASSWORD: it is based on a dictionary word
They swear its not true. Anyways, I was just curious where (if anywhere)
the config file lies for this functionality. Do you know? -mike
Mike O'Neill
2003-12-01 17:37:15 UTC
Permalink
Post by Tim Potter
Post by Mike O'Neill
A non-root user is trying to change their password but cannot because of the
BAD PASSWORD: it is based on a dictionary word
They swear its not true. Anyways, I was just curious where (if anywhere)
the config file lies for this functionality. Do you know? -mike
It should be in your pam configuration somewhere. If you're
using linux look in /etc/pam.d/passwd. There should be a line
password required pam_cracklib.so retry=3 minlen=6 difok=3
which does the dictionary word checking stuff.
Tim, thanks. My pam looks a bit different. But at least I know where to
look now.

[root]# less /etc/pam.d/passwd
#%PAM-1.0
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
Loading...