The pam_pwcheck is a PAM module for password strength checking. It makes additional checks upon password changes, but it doesn't make the change itself. It only provides functionality for one PAM management group: password changing.
This module works in the following manner: if enabled it calls at first the Cracklib routine to check the strength of the password; if crack likes the password, the module does an additional set of strength checks.
This PAM module reads /etc/login.defs. Please read the manual page for this configuration file for more information.