[28065] in Kerberos
krb5-strength 0.5 released
daemon@ATHENA.MIT.EDU (Russ Allbery)
Thu Jul 19 02:37:00 2007
From: Russ Allbery <rra@stanford.edu>
To: kerberos@mit.edu
Date: Wed, 18 Jul 2007 23:36:42 -0700
Message-ID: <87wswwyk5h.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
I'm pleased to announce release 0.5 of krb5-strength. This should still
be considered beta-quality code.
krb5-strength is a toolkit for checking the strength of passwords against
an external dictionary, applying more transforms and checks than kadmind
supports by default. It is implemented as a patch to kadmind and a plugin
module that is called on each password change. It embeds a slightly
modified copy of Alec Muffett's CrackLib to do the password checking.
Changes from previous release:
The check of the password against the principal checked against the
fully-qualified principal, which is not the usual problem.
Additionally check that the password doesn't match the principal with
the realm removed or the reverse of that (case-insensitive).
You can download it from:
<http://www.eyrie.org/~eagle/software/krb5-strength/>
Please let me know of any problems or feature requests not already listed
in the TODO file.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos