3004-335 Passwords must not match words in the dictionary

Resolving The Problem

This problem appeared while not able to reset the root password. Without root password you will not able to login to the system.

Steps to follow to troubleshoot and solve this error.

1- Booting into Maintenance mode as you can not login to the system so another source of operating system needed to able to access rootvg, the best choice is to use AIX DVD/backup to boot into Maintenance mode.

This technote will explain how to boot into Maintenance mode.

http://www-01.ibm.com/support/docview.wss?uid=isg3T1013056

If NIM used this technote will be helpful to boot into Maintenance mode.
http://www-01.ibm.com/support/docview.wss?uid=isg3T1012435

2- First we need to check /etc/security/user file: Owner/Group, permissions and dictionlist entry/entries.

Permissions and ownership on file should be like that:
# ls -l /etc/security/user
-rw-r----- 1 root security 11894 Jul 19 2017 /etc/security/user
also good point to take a look at the last modification date for this file, here it is Jul 19 2017. You should look at it and see the last date for any changes happened on this file.

About dictionlist entry is not defined by default as the following:
minlen = 0
mindiff = 0
maxrepeats = 8
dictionlist =
pwdchecks =

dictionlist Defines the password dictionaries used when checking new passwords. The format is a comma separated list of absolute path names to dictionary files. A dictionary file contains one word per line where each word has no leading or trailing white space. Words should only contain 7 bit ASCII characters. All dictionary files and directories should be write protected from everyone except root. The default is valueless, which is equivalent to no dictionary checking.

3- Check on /usr/share/dict directory: Owner/Group and permissions.
it should be like that :
# ls -ld /usr/share/dict
drwxr-xr-x 2 bin bin 256 Nov 3 2015 /usr/share/dict

4- Check on /usr/share/dict/words file: Owner/Group, permissions, and also content. You need to search in content of this file looking for something like a regular expression which could match *any* word, i.e. a single asterisk ("*") on a line or something similar.

5- If nothing works Comment out the dictionlist entries from /etc/security/user file, and move /usr/share/dict/words to /usr/share/dict/words.bkup.

This should comment all entries and files that relate to dictionary that AIX use to search for dictionaries used. After doing that you will able to boot and reset root password normally without any problem and solving the issue.

6- More useful resources to be checked.
- the IBM Technote T1013073 "New AIX Password Restrictions"
  http://www-01.ibm.com/support/docview.wss?uid=isg3T1013072

  - the Knowledge Center Article "Setting recommended password options"  https://www.ibm.com/support/knowledgecenter/en/ssw_aix_71/com.ibm.aix.security/passwords_setting_options.htm

  - the Knowledge Center Article "Resetting an unknown root password"  https://www.ibm.com/support/knowledgecenter/ssw_aix_71/com.ibm.aix.howtos/HT_baseadmn_recoverrootpswd.htm