From owner-freebsd-questions Sat Jan 13 10:37:16 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail1.toronto.istar.net (mail1.toronto.istar.net [209.89.75.17]) by hub.freebsd.org (Postfix) with ESMTP id 1470137B6A8; Sat, 13 Jan 2001 10:36:57 -0800 (PST) Received: from d141-117-39.home.cgocable.net ([24.141.117.39]) by mail1.toronto.istar.net with esmtp (Exim 2.02 #1) id 14HVXv-00070k-00; Sat, 13 Jan 2001 13:36:59 -0500 Date: Sat, 13 Jan 2001 13:43:47 -0500 (EST) From: Dru X-Sender: genisis@genisis To: questions@freebsd.org Cc: security@freebsd.org Subject: opinions on password policies Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Please don't flame me if this is not appropriate content for security, I wasn't sure after reading the charter. If it's inappropriate, a polite email will suffice :) After spending a week trying to use my rudimentary programming skills to hack Makefiles and C source code, I've failed miserably in getting either "npasswd" or "passwd+" to compile on 4.2-Release. So I have some questions for the BSD sysadmins out there: * Is the lack of a port for either of these utilities an indication that noone uses them? If that's the case, what do sysadmins use to enforce good passwords? * Those admins I have talked to seem to prefer using "crack" after the fact. Is this common practice? I may be showing my Unix-greenness here, but when I was taught to admin other OSs, password policies were always a 2-step process: use whatever utilities for that OS would enforce policy and then periodically crack the password database to ensure it worked. Is this not done in BSD-land? * Has ANYONE been able to build "npasswd" or "passwd+" on FreeBSD? After a week of effort, it would be great to have the satisfaction of seeing it work :) TIA, Dru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message