Security Basics mailing list archives

Re: Red Hat Linux: passwd

From: David Bernick <bernz () alpha bernztech org>
Date: Thu, 28 Nov 2002 23:30:15 -0500 (EST)

How does passwd determine if a password is based off a dictionary word
or not?  Is there a file somewhere it references, a dictionary built
into the code, or a algorithim it uses to check the password?


Crypt and libcrypt and cracklib. The dictionaries are in /usr/include by
default on redhat, i think. There's a perl module that you can use to
really dissect this if you're not ready to look at the actual code:

http://www.cpan.org/authors/id/D/DA/DANIEL/Crypt-Cracklib-0.01.tar.gz

-- 
David Bernick
bernz () bernztech org

This restaurant was advertising breakfast any time. So I ordered
french toast in the renaissance.
- Steven Wright, comedian

Current thread:

Red Hat Linux: passwd ALBEE,RUSSELL. S FC2 (CV63 CS5) (Nov 26)
- Re: Red Hat Linux: passwd Pierre BETOUIN (Nov 27)
- Re: Red Hat Linux: passwd Johannes Ullrich (Nov 27)
- RE: Red Hat Linux: passwd Burton M. Strauss III (Nov 28)
- Re: Red Hat Linux: passwd Andy Hibbins (Nov 28)
- Re: Red Hat Linux: passwd David Bernick (Nov 29)