5. Password Policies

Password Policies

  • P

    Hi All,

    This is my first post on this forum, not very sure this is the right page I have to mention this topic.

    I have successfully running pfsense-RC1 box running OpenVPN on it. I have configured it to use dual level auth (certificate + Password). User accounts are created locally on the firewall. I have gave rights to change the password for all users through the web gui and its working properly.

    Now the real problems, here users are allowed to change their password freely without any restriction. Now the users are able to use password such as "abcd", "1234" etc. This is potentially a risky factor, so I want to implement password policies on the box.

    I didn't see anything on the GUI, but on cli I have tried using pam_passwdqc.so module on PAM. I did the change on the /etc/pam.d/password file as below,

    password  requisite  pam_passwdqc.so min=disabled,12,8,6,5 max=40 passphrase=3 match=4 similar=deny random=42  enforce=users retry=3

    But hard to say, it didn't even responding to the change.
    Anybody have any better solution for this? please let me know.

    Thanks,
    Premod

    0
  • E

    There is nothing like this presently there.
    You can open a feature request on redmine.pfsense.org on this.
    If you really need it you can ask support.pfsense.com on this.

    0
  • P

    Thank you for the update.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy