How to configure PAM to remember password history changes

  • 3829103
  • 26-Sep-2007
  • 22-Nov-2019


SUSE Linux Enterprise Desktop 10
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Server 9
SUSE Linux Desktop 9


Every time a user changes her password, you would like it to be stored in a password history file. Additionally, PAM should check this file so that users can't reuse their previous "N" number of passwords.


NOTE:  For a newer article on this topic, see KB 7008156
/etc/pam.d/password (SLES9, OES/Linux 1, Novell Linux Desktop 9)
/etc/pam.d/common-password (SLE 10, OES/Linux 2)

and change the line:

password required nullok
password required nullok remember=N

Put in the number of passwords you want to be saved/checked instead of "N".

Additional Information

The passwords are stored /etc/security/opasswd and checked every time a user changes her password.

Change Log

Added link to newer article for newer versions of SLES.  Corrected spelling of pam file names. (common-passwd to common-password).