[28065] in Kerberos

home help back first fref pref prev next nref lref last post

krb5-strength 0.5 released

daemon@ATHENA.MIT.EDU (Russ Allbery)
Thu Jul 19 02:37:00 2007

From: Russ Allbery <rra@stanford.edu>
To: kerberos@mit.edu
Date: Wed, 18 Jul 2007 23:36:42 -0700
Message-ID: <87wswwyk5h.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

I'm pleased to announce release 0.5 of krb5-strength.  This should still
be considered beta-quality code.

krb5-strength is a toolkit for checking the strength of passwords against
an external dictionary, applying more transforms and checks than kadmind
supports by default.  It is implemented as a patch to kadmind and a plugin
module that is called on each password change.  It embeds a slightly
modified copy of Alec Muffett's CrackLib to do the password checking.

Changes from previous release:

    The check of the password against the principal checked against the
    fully-qualified principal, which is not the usual problem.
    Additionally check that the password doesn't match the principal with
    the realm removed or the reverse of that (case-insensitive).

You can download it from:

    <http://www.eyrie.org/~eagle/software/krb5-strength/>

Please let me know of any problems or feature requests not already listed
in the TODO file.

-- 
Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home help back first fref pref prev next nref lref last post