Bypassing BAD PASSWORD: contains the user name
This post covers how to work around the BAD PASSWORD: The password contains the user name in some form error that prevents you from setting the desired password on Linux (Ubuntu).
[01] Situation
- On Linux (Ubuntu), when entering a password you hit
BAD PASSWORD: The password contains the user name in some formand cannot set the desired password - ex) Test server
- username: testuser
- password: testuser
[02] Disabling the Validation
Modifying this is not recommended in security-sensitive environments.
2-1. Locate the Password Configuration File
On Debian (Ubuntu), /etc/pam.d/common-password references the pam_pwquality.so configuration.
1
2
3
4
5
# requires root
# /etc/pam.d/common-password
# here are the per-package modules (the "Primary" block)
password requisite pam_pwquality.so retry=3
password [success=2 default=ignore] pam_unix.so obscure use_authtok try_first_pass yescrypt
2-2. Change the Password Validation Setting
In /etc/security/pwquality.conf, change to usercheck = 0.
1
2
3
4
5
6
# requires root
# /etc/security/pwquality.conf
# Whether to check if it contains the user name in some form.
# The check is enabled if the value is not 0.
usercheck = 0
#
Reference: Password validation settings reference