Make the simplicity check dependent on password length
CrackLib checks for passwords where a character is a simple increment
or decrement of the previous character. In previous versions, the
embedded version of CrackLib allowed at most four such occurrences in
the entire password. This results in false positives on long
passphrases, since such accidental letter relationships aren't
uncommon in human languages. Change the embedded CrackLib to allow
one such simple increment for every three characters in the password,
which tightens the check somewhat for shorter passwords and loosens it
considerably for longer passwords.
projects / kerberos / krb5-strength.git / commit