Blog Rizwan
  • 🩷Welcome!
  • ⚙ī¸Debian 10
    • â™ģī¸How to Configure DHCP Server on Debian
    • đŸ–Ĩī¸How to Install Secure Shell (SSH) for Remote Access
    • 🌐How to Install and Configure a Domain Name Server (DNS)
    • 🗃ī¸How to Install FTP to Transfer Files Between Devices on the Same Network
    • 🌐How to Install Apache2 Web Server on Linux Server
    • 📝How to Install Wordpress on Server and Configuration Virtual Host
    • 🗄ī¸How to Install PhpMyAdmin to Manage the Database Using User Interfaces
  • ⚙ī¸Debian 11
    • 😁Installation 3VM
    • 🌐How to Install and Configure a DNS On a Server
    • 🗃ī¸How To Install & Configure SFTP
    • 🔐How To Install File Sharing With Samba Server
    • 🔀How To Configure VirtualHost DNS Server With Apache2
      • đŸĨ°MyWeb
      • 😎StaticWeb
      • đŸĨˇHow To Install D*mn Vunerable Web Apps For Ethical Hacking
    • 🤖How To Install Automation With Ansible
  • ☁ī¸AWS Cloud
    • 👨‍đŸ’ģInstall Cyber Panel on EC2 Instance
    • 📝Setup Wordpress in EC2 Instance With CyberPanel
    • 🌐Install NginX in EC2 Instance
    • 📸Install Zabbix For EC2 Monitoring & How To Connect To Databases On Different Resources
      • đŸ–Ĩī¸Add a New Host For Monitoring Zabbix
    • 🌎Create a New VPC Connection
    • 🗄ī¸Website Dynamic With PHP and MySQL Database
    • 🕹ī¸Install Nagios For Monitoring With a New EC2 Instance
      • 🌌Add a New Host For Monitoring Nagios (WebServer)
      • 🌃Add a New Host For Monitoring Nagios (DB-Instance)
    • 🔄How to add Auto Scaling in AWS for Resources when Network Traffic is Heavy
    • 🤝Deploy Web Server on AWS Auto Scalling Group (ASG)
      • 🏗ī¸Configuration Lab Architectures
      • 😎Deploy Web Content to Lab
      • đŸ•ĩī¸â€â™‚ī¸Test Autoscalling Architecture
  • ❄ī¸CentOS7
    • 💡How to Change IP Address and Installation SSH Service
    • 🌐How to Configure DNS Server
    • 🆖How To Install Nginx Website on CentOS 7
  • 🔐System Security
    • 😁Installation 4VM
    • ❌How to Block Internet Connection Using IPTables Tools
    • 🔐How to Create Rules to Create Strong Passwords for Users
    • 🔀Port Forwarding For Local SSH, WebServer, and FTP Service
    • ⚔ī¸Simulate MITM Attack
    • ⚔ī¸Simulate DDOS Attack
    • 🛡ī¸How to Protect the Server From Attacks By Detecting the Network Using Snort
    • 🔐The Way to Secure the Server When a User Login Must Use an OTP Code
  • 🌐Cisco Networking
    • 🔀Trunking Port & Access Port
    • 🔄Routing 3 Router
    • 🔮Domain Name System
    • ♾ī¸DHCP Server
  • 🛠ī¸Block Chain Node
    • ✨Humanode Validator
      • Installation Node
      • Node Activation
      • Setup Wallet
  • 😊My Contact
Powered by GitBook
On this page
  1. System Security

How to Create Rules to Create Strong Passwords for Users

PreviousHow to Block Internet Connection Using IPTables ToolsNextPort Forwarding For Local SSH, WebServer, and FTP Service

Last updated 8 months ago

Introduction

Cracklib is a library to check whether a password is easy to crack or not. It checks that the password is not based on a simple character pattern or dictionary word. The main goal of this package is to stop users from choosing passwords that are easy to guess/hack. It tries to generate words from the username and gecos fields (entries in the /etc/passwd file) and checks the password. Note that cracklib is not a replacement for a password program, and must be used in conjunction with an existing password program. Install it if you want to ensure that passwords are at least minimally secure.

Configuration

Debian 10-Server

Install Package

apt-get install libpam-cracklib

Command to find out information on the expiration date of a password

*example: chage (user)

chage rizwan2
chage -l rizwan2

Configuration Cracklib

System-Authentication

nano /etc/pam.d/system-auth

/lib/security/$ISA/pam_cracklib.so retry=3 minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1

Strong Password

Then we will configure the libpam-cracklib software so that when changing the password the user cannot use an easy password. This of course will improve the quality of our security so that it is not easily known by other people.

nano /etc/pam.d/common-password

*on text: 
password requisite pam_cracklib.so retry=3 minlen=8 difok=3

*added to be:
password requisite pam_cracklib.so retry=3 minlen=9 dcredit=-1 ucredit=-1 lcredit=-1 ocredit=-1 difok=3

Configuration is Completed

Check the Configuration Results

Then we check whether the configuration was successful or not. You can check by changing the user password with an easy password. If when we change the password we use a password that is easily rejected, that means the configuration has been successful. So what we have to do is change the password by using a more complicated password.

*example: passwd (user)

passwd rizwan2
password : rizwan2
(rejected)

password : R1zw4n2@123
(accepted)
🔐
🔐
  • Introduction
  • Configuration
  • Debian 10-Server
  • Configuration Cracklib
  • Configuration is Completed
  • Check the Configuration Results