A first look at server policies

Linux

adduser demouser
nose into /etc/passwd

passwd demouser

-- pw length
-- copy the file you plan to change to a backup
sudo cp /etc/pam.d/common-password /etc/pam.d/common-password.bkp

sudo nano /etc/pam.d/common-password
{change line like
	password [success=2 default=ignore] pam_unix.so obscure sha512
 to include minlen=x at end
}

-- pw timeout rules
chage -l demouser
-- an example
chage -m 5 -M 90 -I 30 -I 30 -W 14 demouser

-- timeout (after x seconds from terminal sessions for all users)

-- copy the file you plan to change to a backup
sudo nano /etc/profile.d/autologout.sh

Add the following lines:
	TMOUT=x
	readonly TMOUT
	export TMOUT

Save and close the file.

Make it as executable using command:

sudo chmod +x /etc/profile.d/autologout.sh

restart (might not be absolutely required)

WINDOWS

For a server not part of an active directory domain secpol.msc or gpedit.msc

Local Policy | Account Policies | Password Policy

Local Policy | Local Policies | Security Options | Interactive Logon: Machine inactivity

For AD domain policy gpmc.msc

Computer Configuration | Windows Settings | Security Settings | Account Policies | Password Policy

Computer Configuration | Windows Settings | Security Settings | Local Policies | Security Options | Interactive Logon: Machine inactivity