Added section on login pam

docs/alpine-desktop-setup/post-install/security.md

@@ -6,6 +6,8 @@ Here are a few of the sources used:
 
 * [Madaidans-insecurities page](https://madaidans-insecurities.github.io/guides/linux-hardening.html#kernel).
 
+* [PlagueOS](https://0xacab.org/optout/plagueos/-/wikis/Security-Considerations)
+
 ## Apparmor and LSM
 
 Apparmor is a mandatory access control (MAC) mechanism which restricts a programs capabilities. Installation is easy:
@@ -143,3 +145,34 @@ And create a config file in `/usr/lib/modules-load.d/jitterentropy.conf` so that
 ```
 jitterentropy_rng
 ```
+
+## PAM
+
+There are a few changes that can be made to improve login protection.
+
+Delays can be a deterent against bruteforcing login attempts. Simply add this line to it's corresponding section in `/etc/pam.d/login`:
+
+```
+auth optional pam_faildelay.so delay=5000000
+```
+
+Which will add a 5 second delay between login attempts.
+
+The system can also enforce strong passwords with PAM with `libpwquality` which has to be installed first:
+
+```
+# apk add libpwquality
+```
+
+Then configure `/etc/pam.d/passwd`, you can configure it to your [liking](https://madaidans-insecurities.github.io/guides/linux-hardening.html#pam), but these settings should do:
+
+```
+password required pam_pwquality.so retry=2 minlen=10 difok=0 dcredit=0 ucredit=1 lcredit=0 ocredit=0 enforce_for_root
+password required pam_unix.so use_authtok sha512 shadow nullok rounds=1000000
+``` 
+
+Then change your password so that its also secure:
+
+```
+$ passwd
+```