pam_passwdqc — Password quality-control PAM module
[service-name] module-type control-flag pam_passwdqc [options]
The pam_passwdqc module is a simple password strength checking module for
PAM. In addition to checking regular passwords, it offers support for
passphrases and can provide randomly generated ones.
The pam_passwdqc module provides functionality for only one PAM
management group: password changing. In terms of the module-type
parameter, this is the “password” feature.
The pam_chauthtok() service function may ask the user for a new password,
and verify that it meets certain minimum standards. If the chosen
password is unsatisfactory, the service function returns PAM_AUTHTOK_ERR.
The set of options that may be passed to the module is exactly the same
as the set of options that may be specified in the /etc/passwdqc.conf
file. These options are described in passwdqc.conf(5).
pam.conf(5), passwdqc.conf(5), pam(8).
The pam_passwdqc module was written for Openwall GNU/*/Linux by Solar
Designer ⟨solar at openwall.com⟩. This manual page was written for the
FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research
Division of Network Associates, Inc. under DARPA/SPAWAR contract
N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program.
It has since been revised, most importantly to refer to passwdqc.conf(5)
instead of describing the options right on this page.