Home page logo
/

basics logo Security Basics mailing list archives

Re: Red Hat Linux: passwd
From: David Bernick <bernz () alpha bernztech org>
Date: Thu, 28 Nov 2002 23:30:15 -0500 (EST)

How does passwd determine if a password is based off a dictionary word
or not?  Is there a file somewhere it references, a dictionary built
into the code, or a algorithim it uses to check the password?

Crypt and libcrypt and cracklib. The dictionaries are in /usr/include by
default on redhat, i think. There's a perl module that you can use to
really dissect this if you're not ready to look at the actual code:

http://www.cpan.org/authors/id/D/DA/DANIEL/Crypt-Cracklib-0.01.tar.gz

-- 
David Bernick
bernz () bernztech org

This restaurant was advertising breakfast any time. So I ordered
french toast in the renaissance.
- Steven Wright, comedian


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]