Protect Accounts by Configuring PAM

password  pam_pwhistory.so use_authtok remember=

password  pam_pwhistory.so use_authtok remember=

password substack system-auth

password requisite pam_cracklib.so try_first_pass retry=3

password required pam_cracklib.so try_first_pass retry=3 maxrepeat=3 minlen=14 dcredit=-1 ucredit=-1 ocredit=-1 lcredit=-1 difok=4

password    requisite     pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=

difok = 4
minlen = 14
dcredit = -1
ucredit = -1
lcredit = -1
ocredit = -1
maxrepeat = 3

crypt_style = sha512

ENCRYPT_METHOD 

password    sufficient    pam_unix.so sha512 other arguments...

password    sufficient    pam_unix.so sha512 other arguments...