Re: [Fed-Talk] RE: How to configure complex password requirements?
Re: [Fed-Talk] RE: How to configure complex password requirements?
- Subject: Re: [Fed-Talk] RE: How to configure complex password requirements?
- From: Matthew Smith <email@hidden>
- Date: Mon, 24 Jan 2011 14:21:47 -0500
You can do a "man pwpolicy" from terminal to see all the options. I'm not sure if all of them work on a standalone. I was able to get the following to work on 10.6 standalones: 14-char requirement, 1 upper, 1 lower, 1 number, 1 symbol. Didn't mess with the expiration, so I don't know if that works on standalones.
Matthew
On Jan 24, 2011, at 11:15 AM, Valentine, Ruth Ann B. wrote:
> Use pwpolicy to set each user:
>
> Sudo pwpolicy -a adminname -u username -setpolicy "minChars=12"
>
> I have not got a local machine to take a global policy, so I wrote a little shell script to run on each user after they are created.
>
> You can also use newPasswordRequired=1 to force them to change the password on their first login.
>
> Some of the settings tell them what policy explicitly they are not meeting (minChars is one) others only say it doesn't meet policy, so be sure you are clear when you tell the user what the policy is.
>
> -----Original Message-----
> From: fed-talk-bounces+ruthann=email@hidden [mailto:fed-talk-bounces+ruthann=email@hidden] On Behalf Of DeMattia, Edmond G.
> Sent: Monday, January 24, 2011 10:59 AM
> To: email@hidden
> Subject: [Fed-Talk] How to configure complex password requirements?
>
> How can I configure a 10.6 workstation that's doing local authentication to force users to use complex passwords? I also need to set a minimum of 12 characters. Is there a way to do it natively?
>
> TIA
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden