The PAM framework allows you to choose any combination of system entry services (ftp, login, telnet, or rsh, for example) for user authentication. Some benefits that PAM provides are as follows:
Flexible configuration policy
Per application authentication policy
The ability to choose a default authentication mechanism
Multiple passwords on high-security systems
Ease of use for the end user
No retyping of passwords if the passwords are the same for different mechanisms.
The ability to use a single password for multiple authentication methods with the password-mapping feature. This feature works even if the passwords that are associated with each authentication method are different.
The ability to prompt the user for passwords for multiple authentication methods without having the user enter multiple commands.
The ability to pass optional parameters to the user authentication services