This is more consistent with error messages used elsewhere at
Stanford and with the convention that will be used by krb5-strength.
# to a password quality error. kadmin can't return the rich error message
# from the password quality check, so we have to collapse all error messages
# down to a single string.
-our $GENERIC_ERROR = 'password may be vulnerable to attack';
+our $GENERIC_ERROR = 'Password may be vulnerable to attack';
# Account used to test password strength.
our $STRENGTH = 'service/password-strength';