The following additional settings are supported in the [appdefaults]
section of krb5.conf when running under either Heimdal or MIT Kerberos.
+ cracklib_maxlen
+
+ Normally, all passwords are checked with CrackLib if a CrackLib
+ dictionary is defined. However, CrackLib's rules were designed for
+ a world in which most passwords were four to eight characters long,
+ and tends to spuriously reject a lot of passphrases. If this option
+ is set to something other than its default of 0, passwords longer
+ than that length bypass CrackLib checks. (Using a SQLite dictionary
+ for longer passwords is strongly recommended.)
+
minimum_different
If set to a numeric value, passwords with fewer than this number of
The krb5-strength web page at:
- http://www.eyrie.org/~eagle/software/krb5-strength/
+ https://www.eyrie.org/~eagle/software/krb5-strength/
will always have the current version of this package, the current
documentation, and pointers to any additional resources.
or view the repository via the web at:
- http://git.eyrie.org/?p=kerberos/krb5-strength.git
+ https://git.eyrie.org/?p=kerberos/krb5-strength.git
When contributing modifications, either patches (possibly generated by
git format-patch) or Git pull requests are welcome.