Deploying password quality checking on your Debian-base Linux servers can help to ensure that your users assign reasonable passwords on their accounts, but the settings themselves can be a bit misleading. For example, setting a minimum password length of 12 characters does not mean that your users’ passwords will all have twelve or more characters. Let’s stroll down Complexity Boulevard and see how the settings work and examine some settings worth considering.
First, if you haven’t done this already, install the password quality checking library with this command:
apt-get -y install libpam-pwquality
The files that contain most of the settings we’re going to look at will be: