Palindrome passwords disallowed—why?
The manpage for pam_cracklib (responsible for password strength checking) does not specify why this is done:
The strength checks works in the following manner: at first the Cracklib routine is
called to check if the password is part of a dictionary; if this is not the case an
additional set of strength checks is done. These checks are:
Palindrome
Is the new password a palindrome?
However, it's not difficult to imagine that there is some password-cracking software that tries palindromes.
I would not recommend using such a password, but it's up to you to evaluate what security trade-offs you're comfortable with making (you could use sudo or the root account to change the password and it will allow you to change it to whatever you want).
Because a 20-character palindromic password is only as secure as a 10-character password -- there's essentially no extra entropy in the last 10 characters. So you're getting a false sense of security from having a long password.
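The counting argument in the answer above, as an added example (not part of the original answers and not pam_cracklib's own code): it measures how many characters of a password are actually free to vary and confirms by exhaustive enumeration that palindromes of length n over k symbols number k^ceil(n/2). The function names and the uniform-random-character model are assumptions made for illustration.

```python
import math
from itertools import product


def is_palindrome(password: str) -> bool:
    """True if the password reads the same forwards and backwards."""
    return len(password) > 0 and password == password[::-1]


def free_positions(password: str) -> int:
    """Number of characters that are not determined by the others.

    In a palindrome the second half mirrors the first, so only
    ceil(n / 2) positions can be chosen independently.
    """
    n = len(password)
    return (n + 1) // 2 if is_palindrome(password) else n


def search_space_bits(password: str, alphabet_size: int) -> float:
    """Upper bound on entropy in bits.

    Assumption: each free character is drawn uniformly at random from
    an alphabet of the given size. Human-chosen passwords are weaker.
    """
    return free_positions(password) * math.log2(alphabet_size)


def count_palindromes(alphabet: str, length: int) -> int:
    """Brute-force count of palindromes, to check the k**ceil(n/2) formula."""
    return sum(1 for t in product(alphabet, repeat=length) if t == t[::-1])


if __name__ == "__main__":
    # Constructed sample passwords, lowercase letters only (k = 26).
    mirrored = "abcdefghij" + "jihgfedcba"   # 20 characters, palindrome
    half = "abcdefghij"                      # 10 characters
    for pw in (mirrored, half):
        print(f"{pw!r}: length={len(pw)} free={free_positions(pw)} "
              f"bits<={search_space_bits(pw, 26):.1f}")
    # Enumeration over a 3-symbol alphabet agrees with 3**ceil(n/2).
    for n in (4, 5):
        print(n, count_palindromes("abc", n), 3 ** ((n + 1) // 2))
```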