Security Strategies in Linux Platforms and Applications, 3rd Edition by Ric Messier, Michael Jang

Ensuring That Security Does Not Prevent Legitimate Access

It’s possible to configure too much security on a system. In the area of passwords, if the requirements are too strict, users are more likely to forget their passwords. Users will then either overload administrators with password-reset requests or write their passwords next to their workstations. Neither situation promotes true computer security. In the following sections, you will look at reasonable password policies, how you can implement them in the shadow password suite with the chage command, and how you can regulate access with pluggable authentication modules (PAMs).