Hi Bob, On Tue, May 7, 2013 at 1:48 AM, Bob Proulx <b...@proulx.com> wrote: > Setting match=0 seems to help with the "dictionary" issue. > > $ echo ohtaOe0h | pwqcheck -1 match=0 max=256 min=disabled,24,11,8,7 > OK > > $ echo uChiel9m | pwqcheck -1 match=0 max=256 min=disabled,24,11,8,7 > OK > [...] > > Does anyone see why the results are so crazy using pwqcheck? Is this > problem causing users grief? Or a different problem?
I can confirm that the previous settings in Savannah (haven't checked now) would not allow a few completely random passwords because they were apparently based on dictionary words. It was immensely frustrating (as a user) to be first told that none of my common passwords pass, then turn to a password generator and be told that a password looking like "ohtaOe0huChiel9m" is based on a dictionary word. I think it took me 3 tries to generate something that would be acceptable (longer passwords are more likely to have a 4-character sub-string that is apparently based on a dictionary word). Jan
