hi, libpam-cracklib is a nice addition, but how can i use PAM to enforce at least one symbol, one digit, and one "other"-case character (if p/w is all uppercase, enforce one lower case, and vice versa)?
i know about the dcredit, ucredit, lcredit, and ocredit options to the libcrack module (e.g. setting minlen to 10 will cause a 10 character p/w to be accepted, but if dcredit is set to 2, you can get away with 9 characters if it includes a digit, or 8 characters if you have two digits). this doesn't enforce anything. it's a smart way to do it, but it doesn't force the user to use a digit (or symbol), and i want/need to do that. telling the users that they have to enter 12 characters worth of password, but each digit counts 3, each symbol 4 -- well, you know what users are like... hit me with anything you can think of. no baseball bats. -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED] man muss noch chaos in sich haben um einen tanzenden stern zu gebaehren. -- nietzsche
pgpZ3bZ7PhnxP.pgp
Description: PGP signature
