[389-users] Password policy: Dictionary of unauthorized tokens
Nathan Kinder
nkinder at redhat.com
Mon Jul 27 22:38:18 UTC 2009
On 07/27/2009 01:55 PM, Randall Wood wrote:
> The RedHat/FDS documentation suggests that FDS can use a dictionary of
> unauthorized tokens in a password policy, although it does not seem
> configurable.
>
> Is there a dictionary that FDS uses, and is it possible to add words to
> it if so desired?
>
That description is not really correct. There is a check that ensures
that values used in common attribtues of the user entry can not be
present in the password. This prevents things like using your uid or cn
in your password. The values are broken into tokens of a configurable
length and then compared to the userPassword value.
More information about the Fedora-directory-users
mailing list