https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258535
Bug ID: 258535
Summary: Not having a NUMBER in min position N3 of
pam_passwdqc.so configuration causes in valid password
size
Product: Base System
Version: 12.2-STABLE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: conf
Assignee: [email protected]
Reporter: [email protected]
When configuring PAM with the following line:
----
password requisite pam_passwdqc.so min=disabled,disabled,disabled,disabled,8
max=40 similar=deny retry=3 random=0 ask_oldauthtok enforce=everyone
----
and a change to a password is requested, the the following message is
displayed:
----
You can now choose the new password.
A valid password should be a mix of upper and lower case letters,
digits and other characters. You can use a 2147483647 character long
password with characters from at least 3 of these 4 classes, or
an 8 character long password containing characters from all the
classes. Characters that form a common pattern are discarded by
the check.
Enter new password:
----
In my opinion, having a 2147483647 character long password is a bit ridiculous.
When pam_passwdqc.so encounters the word "disabled" it looks like it converted
to MAX_INT. Is there a better "default" character length that could be
displayed?
--
You are receiving this mail because:
You are the assignee for the bug.
