Oracle® Solaris 11 Security Guidelines

Exit Print View

Updated: August 2014

How to Set Stronger Password Constraints

Use this procedure if the defaults do not satisfy your site security requirements. The steps are in the order of the variable entries in the /etc/default/passwd file.

Before You Begin

You must become an administrator who is assigned the solaris.admin.edit/etc/default/passwd authorization. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.2 .

  • Use the pfedit command to make the following changes in the /etc/default/passwd file:
    1. Require users to change their passwords every four months, but not more frequently than every three weeks.
      ## /etc/default/passwd
    2. Require a password of at least eight characters.
    3. Keep a password history.
    4. Require a minimum difference from the last password.
    5. Require at least one uppercase letter.
    6. Require at least one digit.

See also