passwd.cfg
Purpose
Defines values used by the passwd command.
Description
The password configuration file,
/etc/security/passwd.cfg, is a table file (see "tbl")
that contains configuration parameters for password com-
plexity checks. The passwd program reads this file to
determine what complexity checks to impose on passwords.
Each entry in the /etc/security/passwd.cfg file has the
following format:
check_name:value:on_off:comment
where:
check_name Specifies the name of the complexity check.
Valid names are contained in the list below.
value Contains the complexity check value. Ranges
and defaults for each check name are given
in the list below.
on_off Specifies whether or not to perform this
complexity check. A value of 0 indicates
the check should not be performed, while a
value of 1 indicates the check should be
performed.
comment Contains optional comment information.
The table below shows the possible check names, the range
its specified value must fall into, and the default value
for each check. If the value specified is not within the
required range, the default value is used.
Check Name Value Range Default Value
MAX_ATTEMPTS 1-3 3
MAX_LENGTH 1-8 8
MAX_REPEATS 0-3 1
MAX_WEEKS 0-52 52
MIN_ALPHA 0-8 3
MIN_DIFF 0-7 3
MIN_LENGTH 0-8 6
MIN_OTHER 0-3 1
MIN_WEEKS 0-52 0
These values of the check_name field are explained in
more detail in the following list:
MAX_ATTEMPTS Specifies the maximum number of times the
passwd command allows a user to attempt to
change a password.
MAX_LENGTH Specifies the maximum length of a pass-
word.
MAX_REPEATS Specifies the maximum number of sequen-
tially repeating characters in a password.
MAX_WEEKS Specifies the maximum number of weeks
before a password must be changed, rela-
tive to the user's last password change.
MIN_ALPHA Specifies the minimum number of alphabetic
characters that a password must contain.
MIN_DIFF Specifies the minimum difference in char-
acters between the new and old passwords.
MIN_LENGTH Specifies the minimum length of a pass-
word.
MIN_OTHER Specifies the minimum number of special
characters a password must contain other
than alphabetic characters.
MIN_WEEKS Specifies the minimum number of weeks
before a password can be changed, relative
to the date of the user's last password
change.
Example
# /etc/security/passwd.cfg
# August 22, 1987
#
MAX_ATTEMPTS:2:1:range = 1-3, default = 3
MAX_LENGTH:6:1:range = 1-8, default = 8
MAX_REPEATS:1:1:range = 0-3, default = 1
MAX_WEEKS:52:1:range = 1-52, default = 52
MIN_ALPHA:3:1:range = 0-8, default = 3
MIN_DIFF:3:1:range = 0-7, default = 3
MIN_LENGTH:6:1:range = 0-8, default = 6
MIN_OTHER:1:0:range = 0-3, default = 1
MIN_WEEKS:0:0:range = 0-52, default = 0
Files
/bin/passwd
/etc/passwd
/etc/security/passwd.cfg
/etc/security/s_user
Related Information
In this book: "tbl," and "s_user."
The passwd command in the AIX Operating System Commands
Reference.
&c2off.