Unable to reset password for user, Error: Authentication token manipulation error

When using appliances based on Photon OS, it can be quite frustrating to encounter restrictions on reusing a password for the root user. The issue usually shows up as the error message ‘Password has been already used. Choose another.’, which appears when you try to set a previously used password for the root account. This security feature is important for maintaining robust password practices, but it can be inconvenient in scenarios where reusing an old, familiar password seems more practical.

Photon OS, by default, is configured to remember the last five passwords used. This setting, written as ‘remember=5’, is found in the file /etc/pam.d/system-password. It is a security measure that prevents the reuse of recent passwords, enhancing the system’s overall security posture. The ‘remember’ parameter in this file is adjustable, allowing system administrators to change how many previous passwords are stored and therefore disallowed for reuse.

By modifying the ‘remember’ value from 5 to 0 in the /etc/pam.d/system-password file on Photon OS, you can effectively disable the feature that keeps track of previously used passwords. This change allows for the immediate reuse of passwords, including resetting the root password without the restriction of avoiding the last five passwords used. It’s a useful adjustment for scenarios where password reuse is necessary or preferred, but it’s important to consider the potential security implications of this change. Reducing or removing the password memory feature can lower the overall security of the system, making it more vulnerable to certain types of security breaches.
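The change described above can be scripted so that the file is backed up first and the original value is easy to put back. This is an added example, not part of the original post: the function names `get_remember` and `set_remember` are hypothetical, and the sample PAM lines (including the `pam_pwhistory.so` entry) are constructed for the demo rather than copied from a real appliance.

```shell
#!/bin/sh
# Added example: inspect and change the password-history depth (remember=N)
# in a PAM password stack file such as /etc/pam.d/system-password.

# Print the first remember=N value found on a non-comment line (empty if none).
get_remember() {
    sed -n '/^[[:space:]]*#/d; s/.*[[:space:]]remember=\([0-9][0-9]*\).*/\1/p' "$1" | head -n 1
}

# set_remember FILE N: back up FILE to FILE.bak, then rewrite remember= to N.
set_remember() {
    file=$1
    new=$2
    case $new in
        ''|*[!0-9]*) echo "value must be a non-negative integer" >&2; return 2 ;;
    esac
    old=$(get_remember "$file")
    if [ -z "$old" ]; then
        echo "no remember= option found in $file" >&2
        return 1
    fi
    cp -p "$file" "$file.bak" || return 1
    # Write through the existing file so its owner and mode are unchanged.
    sed "/^[[:space:]]*#/!s/\([[:space:]]\)remember=[0-9][0-9]*/\1remember=$new/" \
        "$file.bak" > "$file" || return 1
    echo "remember: $old -> $new (backup: $file.bak)"
}

# Demo on a constructed sample file (not copied from a real appliance).
demo() {
    dir=$(mktemp -d) || return 1
    sample="$dir/system-password"
    cat > "$sample" <<'EOF'
# constructed sample PAM password stack
password  requisite  pam_pwhistory.so  use_authtok remember=5 retry=3
password  required   pam_unix.so       sha512 use_authtok shadow
EOF
    set_remember "$sample" 0     # allow reuse for the reset
    # ... the root password would be reset here with passwd ...
    set_remember "$sample" 5     # put the history depth back
    get_remember "$sample"
    rm -rf "$dir"
}

demo
```

On an appliance the functions would be run as root against /etc/pam.d/system-password; setting the value back to 5 after the reset keeps the lowered setting from becoming permanent.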
