I installed a Linux based system with a blank password. I wanted to change password to something simple, but using passwd
and setting the password to something like a single symbol gave an error of “password being a palindrome”.
How to disable password complexity checks?
Best Answer
I found out my system (as most modern Linux) use
PAM
(Pluggable Authentication Modules) andpam_cracklib
module within it.pam_cracklib
enforces minimum length of 6 symbols regardless of parameters, so solution is to turn it off.One link I've read discussed editing
password-ac
andsystem-ac
files in/etc/pam.d
, the contents of both files were same and no explanation was given of their respective roles.Upon study of
PAM
docs (The Linux-PAM System Administrators' Guide | linux-pam.org), I learnedPAM
configs for LINUX services are in that/etc/pam.d
directory in separate files. I sawpasswd
file and it in found onlysystem-ac
file mentioned (added bysubstack
keyword), so on my system I needed to edit onlysystem-ac
.Making
pam_cracklib
optional
made no difference (I guess that's becausepam_cracklib
did not pass entered and rejected pasword to next module in stack -pam_unix
) and commenting line withpam_cracklib
lead to errors duringpasswd
run. I noted that next line with ordinarypam_unix
had optionuse_authtok
(docs: enforce the module to set the new password to the one provided by a previously stacked module). After I deleted that option and commented line withpam_cracklib
I now able to set short passwords withpasswd
.