One of the factor that makes your system easily crackable is the weak password. PAM cracklib forces users to choose stronger password by analyzing the password strength, length and entropy.
To enable pam_cracklib in Debian / Ubuntu operating system, you need to install libpam_cracklib:
sudo apt-get install libpam_cracklib
Then edit the “/etc/pam.d/common-password” file using your favorite editor. Then, add and uncomment the following line at the end of the file.
password required pam_cracklib.so retry=3 minlen=6 difok=3
difok determines the number of same characters that allowed to be present in the old and new passwords.