> Has anyone done any work on checking password strength when
> someone changes their password?
>
> For example: password quality script aka --with-cracklib replacement
> [...]
Yes - we apply cracklib to the admin password, but not currently
to user passwords (by default).
Have a look at the configdb entry for passwordstrength and
esmith::FormMagick::validate_password.
Gordon
1 Replies
942 Views