Solved What happens when the number of retries allowed by the password policy is exceeded?

S

sdf

Hello everyone,

What happens when the number of retries allowed by the password policy is exceeded? Will the account be locked? If yes, is it permanently locked or will it be unlocked automatically after a while?

Thanks.
 
sdf said:
What happens when the number of retries allowed by the password policy is exceeded? Will the account be locked? If yes, is it permanently locked or will it be unlocked automatically after a while?
Click to expand...
That will depend on the policy you've set and what backend you use for account storage. There is no default policy, unless you consider never getting locked out and passwords that never expire a policy.
 
SirDice said:
That will depend on the policy you've set and what backend you use for account storage. There is no default policy, unless you consider never getting locked out and passwords that never expire a policy.
Click to expand...

Likes this,
pam_passwdqc.so
/etc/pam.d/passwd
Code: 
password        requisite       pam_passwdqc.so         min=disabled,disabled,disabled,12,10 similar=deny retry=3 enforce=users
 
One of the things that makes FreeBSD so great is its man pages: pam_passwdqc(8).

This particular module only deals with password strength, not lockout policies.
 
You must log in or register to reply here.
Back
Top