TOC & Recently Viewed

Recently Viewed Topics


This built-in check ensures that the minimum password length enforced on the remote system is in the range <min>..<max>. Having a minimum password length forces users to choose more complex passwords.

Operating System



The minimum password length is defined as PASS_MIN_LEN in /etc/login.defs.


The minimum password length is defined as PASSLENGTH in /etc/default/passwd.

Note: This also controls the password maximum length.


The minimum password length is defined as MIN_PASSWORD_LENGTH in /etc/default/security.

Mac OS X

The minimum password length is defined as “minChar” in the local policy, defined using the command pwpolicy.



name: "min_password_length"

description: "This check examines the system configuration for the minimum password length that the passwd program will accept. The check reports a problem if the minimum length is less than the length specified in your policy."

value: "<min>..<max>"




name: "min_password_length"

description: "Make sure that each password has a minimum length of 6 chars or more"

value: "6..65535"


Copyright © 2019 Tenable, Inc. All rights reserved. Tenable,, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.., Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.