2 # /etc/pam.d/common-password - password-related modules common to all services
4 # This file is included from other service-specific PAM config files,
5 # and should contain a list of modules that define the services to be
6 # used to change user passwords. The default is pam_unix.
8 # Explanation of pam_unix options:
10 # The "nullok" option allows users to change an empty password, else
11 # empty passwords are treated as locked accounts.
13 # The "md5" option enables MD5 passwords. Without this option, the
14 # default is Unix crypt.
16 # The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
19 # You can also use the "min" option to enforce the length of the new
22 # See the pam_unix manpage for other options.
24 password required pam_unix.so nullok obscure md5
26 # Alternate strength checking for password. Note that this
27 # requires the libpam-cracklib package to be installed.
28 # You will need to comment out the password line above and
29 # uncomment the next two in order to use this.
30 # (Replaces the `OBSCURE_CHECKS_ENAB', `CRACKLIB_DICTPATH')
32 # password required pam_cracklib.so retry=3 minlen=6 difok=3
33 # password required pam_unix.so use_authtok nullok md5