Roger Leigh <[EMAIL PROTECTED]> writes: > Having enabled the cracklib stuff in pam_unix while testing the new > PAM, I agree that this should remain disabled. Many users (including > myself) find the enforcement of all those extra checks annoying, and I > agree with other comments that extra checks don't always result in > more security due to tacking fixed patterns onto a shorter password.
I think you'll find that if the patterns that you use aren't ones that cracklib knows, it *does* make the password more secure. Why? Because guess how attackers try to crack passwords? It's not like most of them write their own password cracking software. -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
