Forcing Stronger Passwords

From: Robert Geiger (nebraska57_at_yahoo.com)
Date: 01/25/04

  • Next message: Christopher Saul: "KDE starting problem"
    Date: Sat, 24 Jan 2004 19:25:14 -0800 (PST)
    To: sunmanagers@sunmanagers.org
    
    

    Hello, All...

    OK, I think I'm so close to having an answer to this,
    but can't seem to make the final step. I'm cracking
    down on the lame passwords people have been selecting
    and I know I can achieve that through PAM and via
    /etc/pam.conf -- but for the life of me I can't figure
    out how to get it done.

    I know it has to have something to do with an extended
    Password Management module that forces something like
    a dictionary check, but I'm at a loss at this point.
    We're mostly Solaris 8 with a few 9 installations and
    a few legacy 2.6 systems.

    Right now, the default config forces a password of at
    least 6 characters and at least one numeric or special
    character... But that's not enough as someone could
    still get away with their first or last name and just
    add a number to it -- which John the Ripper gets in
    about 5 seconds!

    Can anyone help with some advice on how to further
    strengthen my systems' password checking?

    Many thanks in advance -- will summarize as this has
    been incredibly hard to get detailed information on!

    James

    __________________________________
    Do you Yahoo!?
    Yahoo! SiteBuilder - Free web site building tool. Try it!
    http://webhosting.yahoo.com/ps/sb/
    _______________________________________________
    sunmanagers mailing list
    sunmanagers@sunmanagers.org
    http://www.sunmanagers.org/mailman/listinfo/sunmanagers


  • Next message: Christopher Saul: "KDE starting problem"