From owner-freebsd-security Wed Jul 5 15:12:31 2000 Delivered-To: freebsd-security@freebsd.org Received: from alpha.pit.adelphia.net (alpha.pit.adelphia.net [24.48.44.2]) by hub.freebsd.org (Postfix) with ESMTP id 95BDF37B6AF for ; Wed, 5 Jul 2000 15:12:23 -0700 (PDT) (envelope-from dwilhelm@adelphia.net) Received: from adelphia.net (IDENT:danw@pa-bethelpark3a-91.pit.adelphia.net [24.48.233.91]) by alpha.pit.adelphia.net (8.9.2/8.9.2) with ESMTP id SAA21801; Wed, 5 Jul 2000 18:12:37 -0400 (EDT) Message-ID: <3963B2B0.60A1F963@adelphia.net> Date: Wed, 05 Jul 2000 18:12:00 -0400 From: Dan Wilhelm X-Mailer: Mozilla 4.7 [en] (X11; I; Linux 2.2.12-20 i686) X-Accept-Language: en MIME-Version: 1.0 To: Ben Smithurst Cc: Mark Cohen , freebsd-security@FreeBSD.ORG Subject: Re: Password Policy beyond mixed case References: <4.3.2.20000705122423.00bd6ca0@javalina.csf.edu> <20000705193845.N13714@strontium.scientia.demon.co.uk> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Ben Smithurst wrote: > Mark Cohen wrote: > > > I already sent this query to freebsd-questions and received no response. I > > am hoping someone on this list may help. > > > > Is there a setting for login.conf or elsewhere to demand a password policy > > stronger than mixed case, such as non-alphanumeric? If not, can you > > suggest good ways/programs to enforce such password policies. > > You might look at npasswd. I've never used it myself, but I've seen it > suggested before... I agree, npasswd is highly configurable, works well, and also allows you to keep history so users cannot reuse old passwords. > > > http://www.utexas.edu/cc/unix/software/npasswd/ > > -- > Ben Smithurst / ben@scientia.demon.co.uk / PGP: 0x99392F7D > > ------------------------------------------------------------------------ > Part 1.2Type: application/pgp-signature To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message