How to override BAD PASSWORD message in CentOS

Hi there,

In Fedora-based distros (I’ve noticed this behavior particularly on CentOS), when you try to enter a password based on a dictionary word, you will get a warning as a result. There have been times when I’ve been allowed to set the password after the warning and other times the operating system just wouldn’t let me do it.

I know it’s best practice to avoid using dictionary words in passwords, but what if a person insists on using one, or it is a requisite in a testing exam?

@gacanepa Personally, :smirk: avoid using dictionary words in passwords.

@ACID01001001,
I could not agree more. But I specifically asked what if you’re FORCED to use a dictionary word in your password by an exam requirement, for example. It has happened to me in the past.

The only thing that comes to mind when I think of something like this is a brute-force attack, either an offline attack or an online attack. The execution time of a dictionary attack is reduced because the number of combinations is restricted to those on the dictionary list. My apologies if I am not understanding you correctly. But if you are forced to use a weak PRNG then a dictionary attack could happen. Have you tried using PAM (Pluggable Authentication Modules)?

@gacanepa
http://www.sans.org/reading-room/whitepapers/authentication/combating-lazy-user-examination-password-policies-guidelines-142
Perhaps this link might be more helpful and more clearly understood. I do not like giving up on something that matters.

Thank you for that link! I could not agree more with you. But let me repeat here that it wasn’t me who set the requirement, but the examiner. I would never, ever, use a dictionary word in one of my passwords.

Yes, sir. And I might add, if I may, your question is a very important one. I am glad that this has come about because people really need to know and understand the many aspects regarding all areas. Thank you for setting the ball rolling for other users, including myself.

I think this is what you are looking for:

http://kb.eclipseinc.com/kb/how-do-i-disable-dictionary-checking-for-linux-passwords/

Another thing you can do is to strace the passwd command and see which files are related to that command and manually review them. It’s a bit complicated though.
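The strace approach from the last reply, as an added example that is not part of the original thread: it reduces a trace of `passwd` to the PAM configuration, PAM modules and dictionary files the command actually opened. The sample trace lines, the PID and the `testuser` account are constructed for illustration; on a real system the paths will come from your own trace.

```shell
#!/bin/sh
# Added example (not from the thread). Capture a trace first, as root, on a
# throwaway account ("testuser" is a placeholder):
#   strace -f -e trace=open,openat -o /tmp/passwd.trace passwd testuser
# then run:  opened_files < /tmp/passwd.trace

# opened_files: read strace output on stdin and print, once each, every path
# that was opened successfully, dropping loader/locale/procfs noise but
# keeping PAM modules (shared objects under a "security/" directory).
opened_files() {
    awk -F'"' '
        /open(at)?\(/ && $0 !~ /= -1 / {
            p = $2                                  # first quoted argument = path
            if (p ~ /^\/(proc|dev|sys)\//) next     # kernel pseudo-files
            if (p ~ /ld\.so\.cache$/ || p ~ /\/locale\//) next
            # ordinary shared libraries are noise; PAM modules are not
            if (p ~ /\.so(\.[0-9]+)*$/ && p !~ /\/security\//) next
            print p
        }' | LC_ALL=C sort -u
}

# sample_trace: constructed strace lines in the format "strace -f -o" writes.
sample_trace() {
    cat <<'EOF'
2101 openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
2101 openat(AT_FDCWD, "/lib64/libpam.so.0", O_RDONLY|O_CLOEXEC) = 3
2101 openat(AT_FDCWD, "/etc/pam.d/passwd", O_RDONLY) = 3
2101 openat(AT_FDCWD, "/etc/pam.d/system-auth", O_RDONLY) = 4
2101 openat(AT_FDCWD, "/lib64/security/pam_pwquality.so", O_RDONLY|O_CLOEXEC) = 5
2101 openat(AT_FDCWD, "/etc/security/pwquality.conf", O_RDONLY) = 5
2101 openat(AT_FDCWD, "/etc/pam.d/system-auth", O_RDONLY) = 4
2101 openat(AT_FDCWD, "/usr/share/cracklib/pw_dict.pwd", O_RDONLY) = 5
2101 openat(AT_FDCWD, "/etc/security/missing.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
2101 openat(AT_FDCWD, "/proc/self/loginuid", O_RDONLY) = 6
EOF
}

# Stand-alone demo on the constructed trace.
sample_trace | opened_files
```

The files left in the list are the ones to review manually: the PAM stack that `passwd` loads, the password-quality module it names, and that module's configuration and dictionary.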