From: Robert Geiger (nebraska57@yahoo.com)
Date: Sat Jan 24 2004 - 22:25:14 EST
Hello, All...
OK, I think I'm so close to having an answer to this,
but can't seem to make the final step. I'm cracking
down on the lame passwords people have been selecting
and I know I can achieve that through PAM and via
/etc/pam.conf -- but for the life of me I can't figure
out how to get it done.
I know it has to have something to do with an extended
Password Management module that forces something like
a dictionary check, but I'm at a loss at this point.
We're mostly Solaris 8 with a few 9 installations and
a few legacy 2.6 systems.
Right now, the default config forces a password of at
least 6 characters and at least one numeric or special
character... But that's not enough as someone could
still get away with their first or last name and just
add a number to it -- which John the Ripper gets in
about 5 seconds!
Can anyone help with some advice on how to further
strengthen my systems' password checking?
Many thanks in advance -- will summarize as this has
been incredibly hard to get detailed information on!
James
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free web site building tool. Try it!
http://webhosting.yahoo.com/ps/sb/
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:27:53 EDT