Module for traditional password authentication

• /etc/passwd
• /etc/shadow             # if shadow is enabled

task to check

expire, last_change, max_change, min_change, warn_change

ie.

password-auth # R8

auth        sufficient    pam_unix.so try_first_pass nullok

try_first_pass

Before prompting the user for their password,

the module first tries the previous stacked module's password in case that satisfies this module as well.

nullok

The default action of this module is to not permit the user access to a service if their official password is blank.

The nullok argument overrides this default.