[erlang-questions] Module For Enforcing Password Strength

Gordon Guthrie <>
Mon Aug 16 18:54:48 CEST 2010


Jordan

That was kind of my initial thoughts, but I had a poke about a bit...

cracklib does a bit more than just look for patterns - it does case
normalisation, takes your username and looks for you reusing that, looks for
repeating patterns and all sorts of stuff...

hmmm - but I can't help thinking someone must have done it...

Gordon

On 16 August 2010 14:10, Jordan Wilberding <> wrote:

> You can do most of these except the dictionary lookup with a regular
> expression. For dictionary lookup, I'd just take whatever dictionary
> cracklib uses, load it into a table or dict, and you are good to go for
> lookups.
>
> Thanks!
> Jordan Wilberding
>
> On Mon, Aug 16, 2010 at 3:34 AM, Gordon Guthrie <>wrote:
>
>> Folks
>>
>> I was sitting fingers poised on the keyboard to write a module to test
>> password strength and I though, "haud on, somebody musta done this"...
>>
>> Does anyone know of a library module that checks passwords for:
>> * length
>> * dictionary attack
>> * contains numbers/punctuation
>> * etc, etc
>>
>> Or does anyone have the bones of one that could be turned into an open
>> source library (I would take on the maintenance if that was too much of a
>> chore).
>>
>> Gordon
>>
>> --
>> Gordon Guthrie
>> CEO hypernumbers
>>
>> http://hypernumbers.com
>> t: hypernumbers
>> +44 7776 251669
>>
>
>


-- 
Gordon Guthrie
CEO hypernumbers

http://hypernumbers.com
t: hypernumbers
+44 7776 251669


More information about the erlang-questions mailing list