Re: Password security/Weak Password lockout
Paul Gupta wrote:
> By what mechanism does debian decide whether or not a password is too
> weak etc.
> What is it exactly? AND How would one configure it to be stricter or
> more lenient with password selection?
I use libpam-cracklib to protect from dictionary attacks. Also installed some
dictionaries, see apt-cache search dictionary | grep "/usr/share/dict"
password required pam_cracklib.so retry=3 minlen=10 difok=3
3 retries, minimum length of password 10 characters, 3 characters is allowed
to match with the previous password.
Hope that gets you started. Maybe check this out, too.