[Wylug-help] Bad Passwords

Smylers Smylers at stripey.com
Thu Apr 12 10:10:15 BST 2007


Trevor Noland writes:

> Some of the passwords users want are rejected by passwd.  Particularly
> annoying are the ones said to be based on dictionary words, because
> most words in the dictionaries here (in Spain) are accepted, the ones
> being rejected are the "foreign" words found in English.

Whom are you trying to protect against?

Since your fear is related to being connected to the internet (rather
than of locals actually sat at the computers), why would you expect your
attackers to be Spanish-speaking?

Somebody who's merely trying a dictionary attack on arbitrary IP
addresses may well be using an English dictionary, so the fact these
words are 'foreign' to your colleagues doesn't actually make them
stronger passwords.

> Is there a way to get Linux to accept passwords that it doesn't like?

I think if you run passwd as root you get to ignore its complaints about
weak passwords; you need to supply the username whose password you wish
to change as an argument (otherwise it changes root's password,
obviously):

  $ sudo passwd trevor

Smylers



More information about the Wylug-help mailing list