min_password_length

This built-in check ensures that the minimum password length enforced on the remote system is in the range <min>..<max>. Having a minimum password length forces users to choose more complex passwords.

Operating System	Implementation
Linux	The minimum password length is defined as PASS_MIN_LEN in `/etc/login.defs`.
Solaris	The minimum password length is defined as PASSLENGTH in `/etc/default/passwd`. Note: This also controls the password maximum length.
HP-UX	The minimum password length is defined as MIN_PASSWORD_LENGTH in `/etc/default/security`.
macOS	The minimum password length is defined as “minChar” in the local policy, defined using the command `pwpolicy`.

Usage

<item>

name: "min_password_length"

description: "This check examines the system configuration for the minimum password length that the passwd program will accept. The check reports a problem if the minimum length is less than the length specified in your policy."

value: "<min>..<max>"

</item>

Example

<item>

name: "min_password_length"

description: "Make sure that each password has a minimum length of 6 chars or more"

value: "6..65535"

</item>