password strength checking not consistently implemented

From: Glenn Johnson <gjohnson_at_srrc.ars.usda.gov>
Date: Thu, 14 Aug 2003 17:54:53 -0500
I have set up the password strength checking system using
pam_passwdqc.so, set in /etc/pam.d/passwd.  I have also set up password
expiration.

When a user issues the 'passwd' command, the password strength checking
module works as expected.  When a user logs in via the console after the
password expiry time has passed, the login program prompts for a new
password before the session begins.  However, this password change has
no strength check at all.  Is there some other change I need to make to
may pam configuration?

Thanks.


-- 
Glenn Johnson
USDA, ARS, SRRC			 Phone: (504) 286-4252
New Orleans, LA 70124		e-mail: gjohnson_at_srrc.ars.usda.gov
Received on Thu Aug 14 2003 - 13:55:09 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:18 UTC