setting up strong passwords?

[NERIC]

OK. This may be a simple one. But, My my question is: Is there a way to limit users on a unix system so they can't use their username as their password. I know there are other settings to restrict dictionary words and to require alphanumeric. But, I'm looking to specifically limit the username as the password.

 

[Zahier]

Hi,

If you are using a dictionary file. Edit your mkuser.sys file, add an entry to append the userid on creation to the dictionary file. Thus if a user changes password to same as userid, it will be rejected because it is in the dictionary file.

E.g. in mkuser.sys add this
echo $1 >> /usr/lib/dict

Remember to first make backup of the mkuser.sys file.

 

[Zahier]

I apologise, it should be

echo $2 >> /usr/lib/dict

 

[DSMARWAY]

hi ,

you can set in the /etc/security/users file the number of characters,numberic,alphanumeric charcaters user can have in their password

i.e. minalpha stanza

 

[NERIC]

Thanks for the replies. I think I have my answer. I really appreciate all the help!