Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Linux: minlen in pam_pwquality.so
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Created
Created
Modified
Modified
Summary
The pam_pwquality module can be plugged into the password stack of a given service to provide some plug-in strength-checking for passwords. The code was originally based on pam_cracklib module and the module is backwards compatible with its options. - minlen: The minimum acceptable size for the new password (plus one if credits are not disabled which is the default). In addition to the number of characters in the new password, credit (of +1 in length) is given for each different kind of character (other, upper, lower and digit). The default for this parameter is 9. Note that there is a pair of length limits also in Cracklib, which is used for dictionary checking, a 'way too short' limit of 4 which is hard coded in and a build time defined limit (6) that will be checked without reference to minlen.