Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of Debian 10
System Settings
Account and Access Control
Protect Accounts by Restricting Password-Based Login
Set Password Expiration Parameters
Set Password Minimum Length in login.defs
Set Password Minimum Length in login.defs
An XCCDF Rule
Details
Profiles
Prose
Set Password Minimum Length in login.defs
Medium Severity
To specify password length requirements for new accounts, edit the file
/etc/login.defs
and add or correct the following line:
PASS_MIN_LEN
The DoD requirement is
15
. The FISMA requirement is
12
. The profile requirement is
. If a program consults
/etc/login.defs
and also another PAM module (such as
pam_pwquality
) during a password change operation, then the most restrictive must be satisfied. See PAM section for more information about enforcing password quality requirements.