[service-name] module-type control-flag
The pam_passwdqc module is a simple password strength checking module for PAM. In addition to checking regular passwords, it offers support for passphrases and can provide randomly generated ones.
The pam_passwdqc module provides functionality for only one PAM management group: password changing. In terms of the module-type parameter, this is the “
pam_chauthtok() service function may ask the user for a new password, and verify that it meets certain minimum standards. If the chosen password is unsatisfactory, the service function returns
The set of options that may be passed to the module is exactly the same as the set of options that may be specified in the configuration file (suggested location
/etc/passwdqc.conf, to be specified in the
config=/etc/passwdqc.conf option). These options are described in passwdqc.conf(5).
pam.conf(5), passwdqc.conf(5), pam(8).
The pam_passwdqc module was written for Openwall GNU/*/Linux by Solar Designer ⟨solar at openwall.com⟩. This manual page was written for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program. It has since been revised, most importantly to refer to passwdqc.conf(5) instead of describing the options right on this page.
libpasswdqc(3), pam_unix(8), passwdqc.conf(5), pwqcheck(1), pwqfilter(1), pwqgen(1).