Need to set Password complexity for root in ubuntu 20.04

Question

When i tried to set the password complexity by adding the values in /etc/pam.d/common-password and /etc/security/pwquality.conf. I have set the minlen=8, for other user it works fine for root user its not working.

How i can set the minlen=8 for root user.

Reminder: root can change the config anytime. – Marco Jul 24 '23 at 10:18 — Marco, Jul 24 '23 at 10:18

vidarlo · Answer 1 · 2023-07-24T20:22:58.460

1

This is answered in the man page:

enforce_for_root

The module will return error on failed check even if the user changing the password is root. This option is off by default which means that just the message about the failed check is printed but root can change the password anyway.

Simply add enforce_for_root to a line by it self in /etc/security/pwquality.conf.

Note that root can bypass this more or less at will by injecting their password hash. There's ultimately few things that stops root from ignoring configuration on Linux.

edited Jul 24 '23 at 20:22

answered Jul 24 '23 at 10:12

vidarlo

22,691

i have added enforce_for_root in /etc/pam.d/common-password, still root password length was not accepting. pam_pwquality.so retry=3 enforce_for_root – Thamizh Jul 24 '23 at 10:23
Not sure I grok your comment? – vidarlo Jul 24 '23 at 11:47
Tell me where i need to add enforce_for_root. – Thamizh Jul 24 '23 at 12:06
Maybe reading the provided link could help? – Heslacher Jul 24 '23 at 12:37
@Thamizh answer updated :) – vidarlo Jul 24 '23 at 20:23

Need to set Password complexity for root in ubuntu 20.04

1 Answers1

Linked