From 24d7fe5def802826db10797927bc798913792629 Mon Sep 17 00:00:00 2001
From: Ludovic Poujol <lpoujol@evolix.fr>
Date: Mon, 5 Jun 2023 11:33:08 +0200
Subject: [PATCH] pam_policy: Default settings : disabled

---
 policy_pam/defaults/main.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/policy_pam/defaults/main.yml b/policy_pam/defaults/main.yml
index 867a3fa5..fb8075ac 100644
--- a/policy_pam/defaults/main.yml
+++ b/policy_pam/defaults/main.yml
@@ -2,31 +2,31 @@
 
 # PAM -- pam_pwquality
 # Ensure password meet a given quality/complexity requirement
-policy_pam_pwquality: true
+policy_pam_pwquality: false
 
 # Configuration settings for pam_pwquality
 # For more in depth info, see man pam_pwquality(8)
 
 # Minimum password lengh/credit
-policy_pam_pwquality_minlen: 4
+policy_pam_pwquality_minlen: 16
 
 # Credits values for char types
 # Value : Interger N with :
 #         N >= 0 - Maximum credit given for each char type in the password
 #         N <  0 - Minimum number of chars of given type in the password
 # digit chars
-policy_pam_pwquality_dcredit: 0
+policy_pam_pwquality_dcredit: -1
 # uppercase chars
 policy_pam_pwquality_ucredit: 0
 # lowercase chars
-policy_pam_pwquality_lcredit: 0
+policy_pam_pwquality_lcredit: -1
 # other chars
-policy_pam_pwquality_ocredit: 0
+policy_pam_pwquality_ocredit: -1
 
 
 # PAM -- pam_pwhistory
 # Prevent old password re-use
-policy_pam_pwhistory: true
+policy_pam_pwhistory: false
 
 # How many old passwords to retain
 policy_pam_pwhistory_length: 5