How to update Photon OS 3.x Root Password History?


Sometimes it’s annoying when Photon OS based appliances doesn’t allow to use previously used password for root user. You may see the error ‘Password has been already used. Choose another‘ when you try to use the password which was used earlier.

root@test [ ~ ]# passwd
New password:
Retype new password:
Password has been already used. Choose another.

By default, Photon OS remember last Five passwords. You can see the setting ‘remember=3’ in /etc/pam.d/system-password

root@test [ ~ ]# cat /etc/pam.d/system-password
# Begin /etc/pam.d/system-password
password    requisite   pam_cracklib.so     minlen=8 minclass=4 difok=4 maxsequence=0 retry=3 enforce_for_root
password    requisite   pam_pwhistory.so    retry=3 remember=5 enforce_for_root
password    required    pam_unix.so         sha512 shadow use_authtok
# End /etc/pam.d/system-password

By changing ‘remember ‘ from 5 to 0 we can disable the remember password count and reset the root password.