cracklib2 - a pro-active password library

cracklib2 is a library containing a C function which may be used in a passwd like program. The idea is simple: try to prevent users from choosing passwords that could be guessed by crack by filtering them out, at source. cracklib2 is not a replacement passwd program. cracklib2 is a library.

cracklib2 is an offshoot of version 5 of the crack software and contains a considerable number of ideas nicked from the new software.

cracklib2's home page provides some links on security publications and access to source code written by the author of cracklib2. While there is a README there is not much documentation available on cracklib2. Hopefully this page that I generated for the Debian/GNU Linux distribution will improved this situation.

Index

  1. Why cracklib2?
  2. Who is responsible for all of this?
  3. Debian cracklib2 package overview.
  4. Debian cracklib-runtime utilities. (only available if cracklib-runtime package installed)
  5. Debian cracklib2-dev development tools. (only available if cracklib2-dev package installed)
  6. Debian changelog.
  7. Upstream changelog.
  8. Copyright file.

Why cracklib2?

One of the most common security weaknesses in computer systems is the use of easily guessed passwords. cracklib2 tries to prevent the selection of weak passwords by checking potential passwords against dictionaries of commonly used or easily guessed words.

Ideally, these checks should be done when a user is setting their password. None of the packages in the standard Debian distributions are currently compiled to support cracklib2! There are several Debian packages that support cracklib2 to some degree. Hopefully these and future source packages will be configured and compiled to support cracklib2 now that this Debian package is available.

I've put together a simple developer's HOW-TO that allows you to modify the standard distributions to support cracklib2. This link is only available if you installed the cracklib2-dev Debian package.

Who is responsible for all of this?

Alec Muffett <alecm@crypto.dircon.co.uk> is the author of cracklib2. Jean Pierre LeJacq <jplejacq@quoininc.com> produced this Debian package.

Debian cracklib2 package overview.

The source package is cracklib2 which generates the following binary packages:

cracklib2
Shared library and all documentation except for the example program.
cracklib2-dev
Header files, static libraries, documentation, and symbolic links developers using cracklib2 will need.
cracklib-runtime
Run-time support programs which use the shared library in cracklib2 including programs to build the password dictionary databases used by the functions in the shared library.

I have not include a dictionary with this source package. I plan to add one when I package crack.

Copyright © 1998, 1999 Jean Pierre LeJacq
Distributed under the GNU GENERAL PUBLIC LICENSE.
last-modified: Wed, 3 Oct 2001 00:37:09 +0000