>
> Hello,
>
> On Wed, Mar 22, 2006 at 03:33:39PM -0800, [EMAIL PROTECTED] wrote:
> >
> > I've scoured through all Debian pam documentation, upstream PAM docs,
> > and did extensive googling but cannot find the definition of "obscure"
> > as it applies to common-password. Anyone have any info on this?
> >
> >
> > I am assuming this is where the default system password policy is set:
> >
> >
> > password required pam_unix.so nullok obscure min=4 max=8 md5
>
> You can find the documentation of the pam_unix module in the libpam-doc
> package (/usr/share/doc/libpam-doc/txt/pam.txt.gz):
>
> The obscure option enables some extra checks on the password.
> These is taken after the same obscure checks enabled in the
> original shadow package. This works very similar to the
> pam_cracklib module and implements these checks (it does not
> implement dictionary checks):
> * Palindrome
> * Case Change Only
> * ...
According to that document "This works very similar to the
pam_cracklib module and implements these checks (it does not
implement dictionary checks):
...
Similar
Is the new password too much like the old one?
as a test of this, i created an account with the password foo33. logged
in as the user, i was successfully able to change it to foo32.
wouldn't this be considered "similar"? where is "similar" defined?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
