The following is a list of errata submitted to us by the user community. Please take care in reviewing this information before implementing any system-wide changes.
- Garth Mollett found a critical error in the cracklib.so configuration used to enforce strong password controls via PAM on the UNIX side of things. The correct flags to ensure these passwords meet PCI Compliance are “minlen=7 dcredit=-1 ucredit=-1 lcredit=-1” (note the NEGATIVE numbers, which set the minimum number of each character type that must be present). Keep in mind that there is no cracklib configuration check for password history.
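
The check behind this erratum, as an added example (not code from the book or its authors): a small Python audit that reads PAM configuration text and reports cracklib lines whose minlen is below 7 or whose dcredit, ucredit or lcredit is not negative. It assumes the module appears under its usual file name pam_cracklib.so, applies the defaults documented in the pam_cracklib man page when an option is absent, and runs on constructed sample lines.

```python
# Added example: audit PAM password lines that load cracklib for the erratum's settings.
# Defaults (used when an option is absent) are from the pam_cracklib man page.
DEFAULTS = {"minlen": 9, "dcredit": 1, "ucredit": 1, "lcredit": 1}
CLASSES = {"dcredit": "digit", "ucredit": "uppercase letter", "lcredit": "lowercase letter"}
MIN_LENGTH = 7  # minlen value given in the erratum


def cracklib_options(line):
    """Return effective options for a cracklib 'password' line, else None."""
    fields = line.split("#", 1)[0].split()  # drop comments, then tokenize
    if len(fields) < 3 or fields[0].lstrip("-") != "password":
        return None
    for i, field in enumerate(fields):
        if field.endswith("cracklib.so"):
            break
    else:
        return None  # some other module
    opts = dict(DEFAULTS)
    for arg in fields[i + 1:]:
        key, sep, value = arg.partition("=")
        if sep and key in opts:
            try:
                opts[key] = int(value)
            except ValueError:
                opts[key] = None  # unparsable value, reported as a finding
    return opts


def audit(config_text):
    """Return (line_number, message) findings for every cracklib line."""
    findings = []
    for number, line in enumerate(config_text.splitlines(), 1):
        opts = cracklib_options(line)
        if opts is None:
            continue
        if opts["minlen"] is None or opts["minlen"] < MIN_LENGTH:
            findings.append((number, f"minlen must be at least {MIN_LENGTH}"))
        for key, name in CLASSES.items():
            if opts[key] is None or opts[key] >= 0:
                findings.append((number, f"{key} must be negative to require a {name}"))
    return findings


# Constructed sample input, not taken from the book or a real system.
WEAK = "password requisite pam_cracklib.so retry=3 minlen=7 dcredit=1 ucredit=1 lcredit=1\n"
FIXED = "password requisite pam_cracklib.so retry=3 minlen=7 dcredit=-1 ucredit=-1 lcredit=-1\n"

if __name__ == "__main__":
    for number, message in audit("# /etc/pam.d sample\n" + WEAK + FIXED):
        print(f"line {number}: {message}")
```

A non-negative credit value only lets that character type count toward minlen, which is why the checker reports it rather than treating it as a requirement.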
As required, we will post errata on this page. If you think you have found an error, please email us and tell us about it!