Steps

In the /etc/security/user file, you may customize the values for minimum password length. In this file, the parameter that defines the minimum length of a password is 'minlen', whose default value is 0. The information for 'minlen' may be found under the 'default' stanza of the file. Changing the value of 'minlen' can be done by running:

# chsec -f /etc/security/user -s default -a "minlen=XXX"

Where XXX can be the value of your choice.

Please note the following authentication information for passwords longer than 8 characters:

The /etc/security/login.cfg file has a 'pwd_algorithm' option. By default, it is not populated, and it is automatically set to DES/crypt style password hashing as follows: pwd_algorithm=crypt. This method only considers the first 8 characters of a password, and thus is not recommended to be used. If pwd_algorithm is not set, or if it is set to DES/crypt style hashing, then it is possible to get the following errors, despite meeting the required password criteria:

2021#ZxcvbnM$

- a minimum of 4 characters not found in old password.

- a minimum of 12 characters in length.

2021,QAZedcTGBujm.

- a minimum of 4 characters not found in old password.

- a minimum of 1 lower case alphabetic characters.

- a minimum of 12 characters in length.

You may specify for the system to employ alternative password hashing methods, such as blowfish, or ssha256, or others (please see /etc/security/pwdalg.cfg file). The blowfish method only supports 72 characters, while other methods will support 255 characters. For example, in login.cfg, you may set 'pwd_algorithm = ssha256' and the system will begin using this more secure hashing method:

# chsec -f /etc/security/login.cfg -s usw -a "pwd_algorithm=ssha256"

These details may be further referenced here: https://www.ibm.com/support/pages/node/960582