Bug #8369
closed
Setting password complexity
0%
Description
Hi All,
This is my first post on this forum, not very sure this is the right page I have to mention this topic.
I installed PfSense and User accounts are created locally on the firewall. I have gave rights to change the password for all users through the web gui and its working properly.
Now the real problems, here users are allowed to change their password freely without any restriction. Now the users are able to use password such as "abcd", "1234" etc. This is potentially a risky factor, so I want to implement password policies on the box.
I didn't see anything on the GUI, but on cli I have tried using pam_passwdqc.so module on PAM. I did the change on the /etc/pam.d/password file as below,
password requisite pam_passwdqc.so min=disabled,disabled,disabled,10,12 similar=deny retry=3 enforce=users
But hard to say, its never worked
Please help me to find a solution for it.
Updated by Jim Pingle about 6 years ago
- Status changed from New to Rejected
- Priority changed from High to Low
- Target version deleted (
2.4.3) - Affected Version deleted (
2.4.3)
This kind of thing should be discussed on the actual forum at https://forum.pfsense.org, on the pfSense subreddit, or developer mailing list.
That said, the current NIST recommendations for passwords have removed complexity as a recommendation. The firewall won't be enforcing such requirements.