Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

passwdqc - password/passphrase strength checking and enforcement

passwdqc is a password/passphrase strength checking and policy enforcement toolset, including an optional PAM module (pam_passwdqc), command-line programs (pwqcheck and pwqgen), and a library (libpasswdqc).

On systems with PAM, pam_passwdqc is normally invoked on password changes by programs such as passwd(1). It is capable of checking password or passphrase strength, enforcing a policy, and offering randomly-generated passphrases, with all of these features being optional and easily (re-)configurable.

pwqcheck and pwqgen are standalone password/passphrase strength checking and random passphrase generator programs, respectively, which are usable from scripts.

libpasswdqc is the underlying library, which may also be used from third-party programs.

You may view the latest INSTALL, README, and PLATFORMS files (which are also included in the archives below), as well as screenshots demonstrating the uses and setup of passwdqc on Openwall GNU/*/Linux. There's a wiki page with detailed Solaris-specific instructions and another one with password strength policy considerations (a must read before you possibly override passwdqc's defaults). There's also a tutorial on using the pwqcheck program from PHP scripts (part of an article on how to manage a PHP application's users and passwords).

Download (and donate to the project):

• passwdqc 1.2.2 and its signature
  This includes all components mentioned above.
• pam_passwdqc 1.0.5 and its signature
  Slightly older version of pam_passwdqc only, not including and not requiring libpasswdqc.

Since passwdqc is now usable on systems without PAM, we're currently working on improving its portability. Please test passwdqc 1.2.2 on various platforms and provide your feedback (we're interested to hear of both successes and failures, as well as of any compiler warnings and any other issues). Please be sure to include a description of your systems (OS, version, CPU architecture, C compiler and its version). We're currently specifically interested in test results for HP-UX and AIX (both PAM-capable versions and not).

These and older versions of passwdqc are also available from the Openwall file archive. The source code of passwdqc may be browsed via CVSweb.

Follow this link for information on verifying the signatures.

There's a mailing list where you can share your experience with passwdqc and ask questions. Please be sure to specify an informative message subject whenever you post to the list (that is, something better than "question" or "problem"). To subscribe, enter your e-mail address below or send an empty message to <passwdqc-users-subscribe at lists.openwall.com>. You will be required to confirm your subscription by "replying" to the automated confirmation request that will be sent to you. You will be able to unsubscribe at any time and we will not use your e-mail address for any other purpose or share it with a third party. However, if you post to the list, other subscribers and those viewing the archives may see your address(es) as specified on your message. There is a web-based archive of the list.

Your e-mail address:

We may help you integrate pam_passwdqc into your OS installs, please check out our services.

Contributed resources:

• There's a wiki page with pointers to user-created OS-specific instructions and packages of passwdqc on the community wiki.
• pwtools - a Python package re-implementing some algorithms from passwdqc by Alastair Houghton
• passwdqc for OpenBSD by Damien Miller
  (also available in the ports collection)
  This is a plugin password strength checker for OpenBSD's /usr/bin/passwd that uses the password complexity checking code from pam_passwdqc.
  It has been obsoleted by "pwqcheck -1" in passwdqc 1.2.0+.
• pwdqc 1.4 by Wolfram Wagner
  A standalone program to call the password complexity checking functions of pam_passwdqc (e.g., from a website script).
  This has been obsoleted by the pwqcheck program included in passwdqc 1.1.0+.
• An SSL'ed website that invokes pwqgen and displays the generated passphrase by Simon B

pam_passwdqc has been integrated into FreeBSD 5.0+ and DragonFly BSD 2.2+, and it has been packaged for NetBSD. It is used on Owl, distributions by ALT Linux team, ASPLinux, and Annvix. Additionally, it is part of Red Hat Enterprise Linux, CentOS, and Fedora, Debian GNU/Linux, Ubuntu, SUSE Linux, and Gentoo Linux.

passwdqc is a registered project with Freecode and Ohloh.

You may want to check out these other PAM modules.

Support further work on this software with donations.

Quick Comment:

SEARCH:

Related searches:
passwdqc password strength checking pwqcheck

gipoco.com is neither affiliated with the authors of this page or responsible
for its contents. This is a safe-cache copy of the original web site.

gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.