Languages
[Edit]
EN

Linux passwd solution for - BAD PASSWORD: The password fails the dictionary check - it is based on a dictionary word

4 points
Created by:
Marcin
2544

Hi, today I would like to show you how we can fix the problem when we need to change the password in linux for less secure but we get an error:

BAD PASSWORD: The password fails the dictionary check - it is based on a dictionary word

Problem description

Today I needed to change the password, so I used passwd command as alwasy to change password in linux (in my case centos) system. The problem was that I needed to change the password for less secure one, because integration test required it. For example when we want to change password for 'test123' we will get this error, because password is too easy to guess and hack it.

My console error:

[root@localhost ~]# passwd
Changing password for user root.
New password:
BAD PASSWORD: The password fails the dictionary check - it is based on a dictionary word

Solution

The solution for this problem wasn't that obvious, but it is very simple. Follow below steps in order to be able to change password for less secure in linux.

1. Login to root account.

2. Edit: vim /etc/pam.d/system-auth

3. In this file we need to change 2 things. Comment out 1 line and remove 1 parameter.

4. Comment out this line:

password    requisite     pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=

In your linux system it may look a bit different, but first 2 parameters will look the same:

password   requisite

5. Remove use_authtok from this line (in my case last parameter in this line):

password    sufficient    pam_unix.so sha512 shadow nullok try_first_pass use_authtok

Same as above, this line may look a bit different, but first 2 parameters will look the same:

password    sufficient

6. Write and quit (:wq in vim)

7. We don't need to reboot system, we can change the password right away.

[root@localhost ~]# passwd
Changing password for user root.
Enter new UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

And our password is changed to less secure.

Hey ūüĎč
Would you like to know what we do?
  • Dirask is online IT community for professionals and hobbyist to share their knowledge and help each other in extraordinary easy way.
  • We welcome everyone
    no matter what the experience,
    no matter how basic the question is,
    this community will help you.