{"id":466,"date":"2020-12-04T05:44:51","date_gmt":"2020-12-04T05:44:51","guid":{"rendered":"http:\/\/velaninfo.com\/resources\/?post_type=techtips&#038;p=466"},"modified":"2021-09-29T13:07:42","modified_gmt":"2021-09-29T13:07:42","slug":"debian-vs-ubuntu-distros","status":"publish","type":"techtips","link":"https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/","title":{"rendered":"How to force users to use strong passwords in Debian and Ubuntu distros?"},"content":{"rendered":"<p>A strong password must have 14 characters which should include one special character, one number and one uppercase and one lowercase. Password shouldn\u2019t be predictable and shouldn\u2019t be based on dictionary words. Some administrators \/ non-techie users do not understand how important Debian and Ubuntu distros are strong passwords and security. These administrators \/ non-techie users predictable passwords like pass123, welcome123, P@ssword123, and these types of passwords are easy to crack.<\/p>\n<p>This article forces users to use strong passwords in DEB based distributions like Debian, Ubuntu, Linux Mint using<a href=\"https:\/\/www.velaninfo.com\/rs\/tech-tips\/linux\/\"> <strong>Pluggable Authentication Modules(PAM)<\/strong><\/a><\/p>\n<p>The Pluggable Authentication Modules (PAM) is by default is installed in DEB based systems. The next step is to install an additional module called <strong>libpam-cracklib. <\/strong><\/p>\n<p>Run the following command from Terminal<\/p>\n<p>$ sudo apt-get install libpam-cracklib<\/p>\n<p>The password policies are defined in \/etc\/pam.d\/common-password file in DEB based systems. The next step is to backup this file before making changes.<\/p>\n<p>$ sudo cp \/etc\/pam.d\/common-password \/etc\/pam.d\/common-password.bak<\/p>\n<p>The next step is to edit the \/etc\/pam.d\/common-password file. Open the file in an editor like nano or vi etc.<\/p>\n<p>$ sudo nano \/etc\/pam.d\/common-password<\/p>\n<p>Find and change the following like below \u2013<\/p>\n<p>password required pam_cracklib.so try_first_pass retry=3 minlen=12 lcredit=1 ucredit=1 dcredit=2 ocredit=1 difok=2 reject_username<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-496\" src=\"http:\/\/velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/op-300x67.jpg\" alt=\"Pluggable Authentication Modules\" width=\"300\" height=\"67\" srcset=\"https:\/\/www.velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/op-300x67.jpg 300w, https:\/\/www.velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/op-768x172.jpg 768w, https:\/\/www.velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/op.jpg 774w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>Description of each option mentioned above \u2013<\/p>\n<ul>\n<li>retry=N &#8211; Maximum number of retries to change password. The default value is 1.<\/li>\n<li>minlen=N &#8211; The minimum acceptable size for the new password (plus one if credits are not disabled which is the default). In addition to the number of characters in the new password, credit (of +1 in length) is given for each different kind of character (other, upper, lower and digit). The default value is 9.<\/li>\n<li>lcredit=N &#8211; Define the maximum credit for containing lowercase letters in the password. The default value is 1.<\/li>\n<li>ucredit=N &#8211; Define the maximum number for containing uppercase letters in the password. The default value is 1.<\/li>\n<li>dcredit=N &#8211; Define the maximum credit for containing digits in the password. The default value is 1.<\/li>\n<li>ocredit=N &#8211; Define the maximum credit for containing other characters in the password. The default value is 1.<\/li>\n<li>difok=N &#8211; Define the number of characters that must be different from the previous password.<\/li>\n<li>reject_username &#8211; Restrict users to use their name as a password.<\/li>\n<\/ul>\n<p>Based on the above information, users should use a password with a complexity score of 12. You can disable the credits by assigning negative values and force the user to use a combination of different characters with a minimum length.<\/p>\n<p>The next step is to verify the password complexity \u2013<\/p>\n<p>$ passwd<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-497\" src=\"http:\/\/velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/password-complexity-300x188.jpg\" alt=\"password complexity\" width=\"300\" height=\"188\" srcset=\"https:\/\/www.velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/password-complexity-300x188.jpg 300w, https:\/\/www.velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/password-complexity-768x481.jpg 768w, https:\/\/www.velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/password-complexity.jpg 816w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>The above output shows that users cannot set the password as it does not meet the minimum requirements.<\/p>\n<p>The next output shows that the new password is set as it is based on the defined policy and is secure, i.e. one lowercase, one uppercase, two digits and one other character.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-498\" src=\"http:\/\/velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/set-password-300x188.jpg\" alt=\"set password\" width=\"300\" height=\"188\" srcset=\"https:\/\/www.velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/set-password-300x188.jpg 300w, https:\/\/www.velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/set-password-768x481.jpg 768w, https:\/\/www.velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/set-password.jpg 816w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>At <a href=\"https:\/\/www.velaninfo.com\/\"><strong>Outsourced Services for Velan<\/strong>,<\/a> our server support engineers can help you force users to use strong passwords on your servers. For details, please visit <a href=\"https:\/\/www.velaninfo.com\/mservices\/managed-it-services\"><strong>outsourced managed IT services<\/strong><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A strong password must have 14 characters which should include one special character, one number and one uppercase and one lowercase. Password shouldn\u2019t be predictable and shouldn\u2019t be based on dictionary words. Some administrators \/ non-techie users do not understand how important Debian and Ubuntu distros are strong passwords and security. These administrators \/ non-techie&#8230;<a class=\"continue-reading text-uppercase\" href=\"https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/\"> Continue Reading <img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.velaninfo.com\/rs\/wp-content\/themes\/velaninfo\/images\/reading_arw.png\" alt=\"Continue Reading\" width=\"16\" height=\"12\"\/><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","template":"","meta":{"footnotes":""},"tags":[],"class_list":["post-466","techtips","type-techtips","status-publish","hentry","Categories_tech_tip-linux","Categories_tech_tip-security","Categories_tech_tip-server"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v19.5 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Debian and Ubuntu distros | How to force users to use strong passwords<\/title>\n<meta name=\"description\" content=\"Velan offers Remote Server Support Services. Steps to force users to use strong passwords in Debian and Ubuntu distros. what is Debian vs Ubuntu\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to force users to use strong passwords in Debian and Ubuntu distros?\" \/>\n<meta property=\"og:description\" content=\"Velan offers Remote Server Support Services. Steps to force users to use strong passwords in Debian and Ubuntu distros. what is Debian vs Ubuntu\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/\" \/>\n<meta property=\"og:site_name\" content=\"Velan\" \/>\n<meta property=\"article:modified_time\" content=\"2021-09-29T13:07:42+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/op-300x67.jpg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/debian-vs-ubuntu-distros\\\/\",\"url\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/debian-vs-ubuntu-distros\\\/\",\"name\":\"Debian and Ubuntu distros | How to force users to use strong passwords\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/debian-vs-ubuntu-distros\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/debian-vs-ubuntu-distros\\\/#primaryimage\"},\"thumbnailUrl\":\"http:\\\/\\\/velaninfo.com\\\/rs\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/op-300x67.jpg\",\"datePublished\":\"2020-12-04T05:44:51+00:00\",\"dateModified\":\"2021-09-29T13:07:42+00:00\",\"description\":\"Velan offers Remote Server Support Services. Steps to force users to use strong passwords in Debian and Ubuntu distros. what is Debian vs Ubuntu\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/debian-vs-ubuntu-distros\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/debian-vs-ubuntu-distros\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/debian-vs-ubuntu-distros\\\/#primaryimage\",\"url\":\"http:\\\/\\\/velaninfo.com\\\/rs\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/op-300x67.jpg\",\"contentUrl\":\"http:\\\/\\\/velaninfo.com\\\/rs\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/op-300x67.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/debian-vs-ubuntu-distros\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Tech Tips\",\"item\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/techtips\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How to force users to use strong passwords in Debian and Ubuntu distros?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/#website\",\"url\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/\",\"name\":\"Velan\",\"description\":\"Velaninfo Services India Pvt Ltd\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.velaninfo.com\\\/rs\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Debian and Ubuntu distros | How to force users to use strong passwords","description":"Velan offers Remote Server Support Services. Steps to force users to use strong passwords in Debian and Ubuntu distros. what is Debian vs Ubuntu","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/","og_locale":"en_US","og_type":"article","og_title":"How to force users to use strong passwords in Debian and Ubuntu distros?","og_description":"Velan offers Remote Server Support Services. Steps to force users to use strong passwords in Debian and Ubuntu distros. what is Debian vs Ubuntu","og_url":"https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/","og_site_name":"Velan","article_modified_time":"2021-09-29T13:07:42+00:00","og_image":[{"url":"http:\/\/velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/op-300x67.jpg","type":"","width":"","height":""}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/","url":"https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/","name":"Debian and Ubuntu distros | How to force users to use strong passwords","isPartOf":{"@id":"https:\/\/www.velaninfo.com\/rs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/#primaryimage"},"image":{"@id":"https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/#primaryimage"},"thumbnailUrl":"http:\/\/velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/op-300x67.jpg","datePublished":"2020-12-04T05:44:51+00:00","dateModified":"2021-09-29T13:07:42+00:00","description":"Velan offers Remote Server Support Services. Steps to force users to use strong passwords in Debian and Ubuntu distros. what is Debian vs Ubuntu","breadcrumb":{"@id":"https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/#primaryimage","url":"http:\/\/velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/op-300x67.jpg","contentUrl":"http:\/\/velaninfo.com\/rs\/wp-content\/uploads\/2020\/12\/op-300x67.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.velaninfo.com\/rs\/techtips\/debian-vs-ubuntu-distros\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.velaninfo.com\/rs\/"},{"@type":"ListItem","position":2,"name":"Tech Tips","item":"https:\/\/www.velaninfo.com\/rs\/techtips\/"},{"@type":"ListItem","position":3,"name":"How to force users to use strong passwords in Debian and Ubuntu distros?"}]},{"@type":"WebSite","@id":"https:\/\/www.velaninfo.com\/rs\/#website","url":"https:\/\/www.velaninfo.com\/rs\/","name":"Velan","description":"Velaninfo Services India Pvt Ltd","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.velaninfo.com\/rs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/techtips\/466","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/techtips"}],"about":[{"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/types\/techtips"}],"author":[{"embeddable":true,"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/comments?post=466"}],"version-history":[{"count":3,"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/techtips\/466\/revisions"}],"predecessor-version":[{"id":1423,"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/techtips\/466\/revisions\/1423"}],"wp:attachment":[{"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/media?parent=466"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.velaninfo.com\/rs\/wp-json\/wp\/v2\/tags?post=466"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}