On 2010-10-13, Brad Tilley <[email protected]> wrote: > Mark Romer wrote: >> use passwdqc it is in packages. >> >> in login.conf under default I have: >> :minpasswordlen=12:\ >> :login-tries=4:\ >> :passwordtries=3:\ >> :passwordcheck=/usr/local/libexec/passwdqc -3 12 >> >> Mark > > I've heard complaints that it is too stringent (I tend to agree, no > offense to Solar). PCI DSS 1.2 only requires numbers and alphabetic > chars in the password. So, letmein123 meets the requirement.
See passwdqc.conf(5).
