Information
Strong passwords protect systems from being hacked through brute force methods.
Solution
Set password creation requirements to conform to site policy. Many distributions provide tools for updating PAM configuration, consult your documentation for details. If no tooling is provided edit the appropriate /etc/pam.d/ configuration file and add or modify the pam_cracklib.so or pam_pwquality.so lines to include the required option:
password required pam_cracklib.so try_first_pass retry=3 minlen=14 dcredit=-1 ucredit=-1 ocredit=-1 lcredit=-1
password requisite pam_pwquality.so try_first_pass retry=3
If pam_pwquality.so is in use also configure settings in /etc/security/pwquality.conf:
minlen=14
dcredit=-1
ucredit=-1
ocredit=-1
lcredit=-1