Allow Simpler Password for Unix User Account
Created at 2016-09-09T20:20:12.000Z

Relevant Man Pages

  • passwd(1)
  • pam(7)
  • pam_unix(8)

What I Did

There are two files look important:

  • in /etc/pam.d/passwd,
@include common-password
  • in /etc/pam.d/common-password,
password    [success=1 default=ignore]  pam_unix.so obscure sha512
password    requisite           pam_deny.so
password    required            pam_permit.so
password    optional    pam_gnome_keyring.so 

As I read pam_unix(8), I found:

  • abscure enables the password strength check and,
  • minimal password length (which is set by min_len) is 6

So, I changed the first line to:

password    [success=1 default=ignore]  pam_unix.so sha512 min_len=2

Then, it became possible to update to super weak password with passwd(1):

$ passwd
Changing password for hiogawa.
(current) UNIX password: ? 
Enter new UNIX password: ?
Retype new UNIX password: ?
passwd: password updated successfully