#
# /etc/pam.d/common-password - password-related modules common to all services
# CAPP configuration
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define  the services to be
# used to change user passwords.  The default is pam_unix2 in combination
# with pam_pwcheck.

# The "nullok" option allows users to change an empty password, else
# empty passwords are treated as locked accounts.
#
# To enable Blowfish or MD5 passwords, you should edit
# /etc/default/passwd.
#
# Alternate strength checking for passwords should be configured
# in /etc/security/pam_pwcheck.conf.
#
# pam_make can be used to rebuild NIS maps after password change.
#
password requisite     pam_passwdqc.so ask_oldauthtok=update check_oldauthtok
password requisite     pam_pwcheck.so  use_first_pass use_authtok
password required      pam_unix2.so    use_first_pass use_authtok

