This bug is in the pam package and introduced by the quilt patch "007_modules_pam_unix". It appears to be intentional, but incorrect behavior. The code has this comment:
/* The traditional crypt() truncates passwords to 8 chars. It is possible to circumvent the above checks by choosing an easy 8-char password and adding some random characters to it... Example: "password$%^&*123". So check it again, this time truncated to the maximum length. Idea from npasswd. --marekm */ This no longer seems to apply so I think this chunk of code should be removed. ** Package changed: shadow (Ubuntu) => pam (Ubuntu) ** Changed in: pam (Ubuntu) Status: Confirmed => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/600749 Title: cannot change password with a similar one -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs