Thursday, February 13, 2014

VMware vMA: BAD PASSWORD: is too simple

This week I deployed the vSphere Management Assistant (vMA) version 5.5.  When entering the New password for the vi-admin user, I was "greeted" with the following error:

BAD PASSWORD: is too simple

Although the password I tried to use met our Domain Password Policy, it did not meet the complexity requirements for the vMA.   The requirements for the vMA are:
  • Eight characters
  • One upper case character
  • One lower case character
  • One numeral character
  • One symbol such as #, $
To have consistency throughout our infrastructure, I wanted to use the designated password for these appliances. 

Bit of background:
The vMA uses the Linux Pluggable Authentication Module (PAM).  PAM along with CrackLib tests passwords to determine if they meet given complexity requirements.  CrackLib prevents users from using simple passwords. 

To disable CrackLib, perform the following steps:

***Always adhere to your company's Password Policy requirements***

1. Log into the vMA using the vi-admin account. 
2. Run the Substitute User Do(sudo) command.

 3. Run the following command to remove the cracklib requirement.  Then Exit.

pam-config –d –-cracklib
4.  Run the passwd command and enter your new password:
5. Test the newly applied password:


  1. thanks for your post it really helps me. My knowledge about linux/unix is very poor.

    Everythig goes well until I send "pam-config –d –-cracklib" than I recieve " bash: /usr/bin/pam-config: permission denied

    If you have some solution please post it.

    thank you

    1. Looks like you need elevated permissions to run the command. start the command with "sudo" (superuser do).