These forums are locked and archived, but all topics have been migrated to the new forum. You can search for this topic on the new forum: Search for Should I use PAM for usermin password changes? on the new forum.
Hi, I'd like to enforce secure passwords on my system. PAM is configured to check passwords using cracklib.
Usermin has an option to use PAM for changing the password, too. It works as expected, but I loose the ability to read the password as clear text in virtualmin. That works only when I use the standard usermin script /usr/share/webmin/virtual-server/change-password.pl (which does not use PAM).
Is there any way to enforce all PAM constraints for passwords, while still maintaining compatibility with virtualmin's "show password" functionality?
Regards,
Christian
Howdy,
While I'm not sure how to enforce all the specific constraints that PAM offers, the Usermin config does give you some control over what kind of password will be accepted.
In Webmin -> Webmin -> Usermin Configuration -> Usermin Module Configuration -> Change Password, you can select options such as:
Minimum password length
Prevent dictionary word passwords
Perl regexp to check password against
Prevent passwords containing username
Password must be different from old
You can even select an external password checking program.
Are there additional options you'd like to see?
-Eric