Password Policies



  • Hi All,

    This is my first post on this forum, not very sure this is the right page I have to mention this topic.

    I have successfully running pfsense-RC1 box running OpenVPN on it. I have configured it to use dual level auth (certificate + Password). User accounts are created locally on the firewall. I have gave rights to change the password for all users through the web gui and its working properly.

    Now the real problems, here users are allowed to change their password freely without any restriction. Now the users are able to use password such as "abcd", "1234" etc. This is potentially a risky factor, so I want to implement password policies on the box.

    I didn't see anything on the GUI, but on cli I have tried using pam_passwdqc.so module on PAM. I did the change on the /etc/pam.d/password file as below,

    password  requisite  pam_passwdqc.so min=disabled,12,8,6,5 max=40 passphrase=3 match=4 similar=deny random=42  enforce=users retry=3

    But hard to say, it didn't even responding to the change.
    Anybody have any better solution for this? please let me know.

    Thanks,
    Premod



  • There is nothing like this presently there.
    You can open a feature request on redmine.pfsense.org on this.
    If you really need it you can ask support.pfsense.com on this.



  • Thank you for the update.


Log in to reply