Password Analysis
Alan Dayley
Fri, 20 Sep 2002 06:00:10 -0700
As you have seen many times on this list, google is your friend. A google
search of "linux password check program" gave a large list. The first web
page in the list (
has references to password checking programs. I quote:
2. Checking passwords
Any good password program should check for trivial passwords, such as the
user's name or words contained in /usr/dict/words.
There are a number of programs that can be used to check passwords. Some of
the more useful programs are:
pwck checks the validity of each entry in the /etc/passwd and /etc/shadow
npasswd and passwd+ which replace /bin/passwd with a program that rigorously
checks new passwords that a user enters
crack which is run against a password file (such as /etc/passwd looking for
easily broken passwords
The fact that tools such as crack are available should encourage you to
migrate to shadow passwords if your Linux distribution does not already
support them.
I assume these programs are open source and can easily be spawned by a
different app to get the return value, thereby checking inputed passwords.
Give that a go. Good luck and happy learning!
On Thursday 19 September 2002 08:20 am, Roderick Ford wrote:
> I noticed that there was a sort of password analysis running during some
> "change password" procedure, where it was telling the "goodness" of a
> password on a scale. If I entered a good mix of capitals and numbers and
> lowercase, of course, the "goodness" was best.
> My question is whether there is some command-line program that does this
> analysis, or if there is a library, that the GUI (I think it was GTK or
> Gnome) was using.
> Thanks,
> Rod