This article hasn't been updated for over 5 years. The information below may be obsolete.

Solaris password truncated to 8 characters

Updated 10 Jul 2012 | 1 minute read | 654 views | Solaris

After attempting to ssh into a Solaris box, I found my password had expired, and I am forced to change it. No issue there, I have a series of passwords that meets all the password complexity (uppercase, lowercase, numbers, symbols, etc, etc, etc).

In attmpting to change my new password, I got the following messages:

New Password:
Re-enter new Password:
Warning: your longer password will be truncated to 8 characters.

Weak password: not enough different characters or classes.

So my password is too long, so Solaris truncates it and then tells me it's not complex enough? Go figure!

I eventually got this sorted by creating an 8 char password which met all the class requirements, and I was able to change my password and log in to the system.

How to fix the truncation issue?

After searching around SunSolve, I finally found the solution. Simply edit /etc/security/policy.conf and change the CRYPT_DEFAULT line from this ...

CRYPT_DEFAULT=__unix__

to this ...

CRYPT_DEFAULT=md5

We can now keep our passwords as long as we want (max 255 chars) and they won't be truncated either.