[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cracklib password check

On Tue, 5 Apr 2005 10:24:30 -0700
"Henry B. Hotz" <hotz@jpl.nasa.gov> wrote:

> On Apr 4, 2005, at 11:49 PM, Chris Hamilton wrote:
> > Well I am curious if this work is of some real use.  If there is a  
> > better a place to run checks instead of directly against the KDC,
> > then  I'll not bother.  Most Unix-likes have PAM, so I figure that
> > is where  most people would place checks(otherwise, why wouldn't
> > someone have  done this earlier?) in that environment.
> Linux IMO over-uses PAM, but a password management entry is standard. 

Correction - some Linux distros over-use PAM, some refuse to use it at
all (Slackware and Rock being examples that come immediately to mind).

Pat V's reasons for not using it are reported as a combination of
disliking the complexity it introduces and a dislike of it's somewhat
spotty security history.