[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

pam_passwdqc wordlist .vs. cracklib word list



Hi All

I have been looking at PAM modules to ensure good passwords. Currently we
use cracklib with PAM & a huge dictionary.

I have looked around & seen Solar Designer's pam_passwdqc as a drop in
replacement. I have seen comments on the list saying that it will replace
cracklib.

My question is that cracklib has a huge dictionary & I can add to it. But,
pam_passwdqc has a small dictionary in wordset_4k.c (it doesn't even have
the word "snoopy" ;-) I don't feel as safe with pam_passwdqc as it has a
small dictionary, yet Solar Designer really has it in for libcrack, and I
respect Solar Designer's opinion. The function is_word_based() in
passwdqc_check.c states that the dictionary check is not very important -
how true is that?

Can anyone shed any light on my quandary?

Thanks

John




  






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []