[erlang-questions] Module For Enforcing Password Strength
Gordon Guthrie
gordon@REDACTED
Mon Aug 16 18:54:48 CEST 2010
Jordan
That was kind of my initial thoughts, but I had a poke about a bit...
cracklib does a bit more than just look for patterns - it does case
normalisation, takes your username and looks for you reusing that, looks for
repeating patterns and all sorts of stuff...
hmmm - but I can't help thinking someone must have done it...
Gordon
On 16 August 2010 14:10, Jordan Wilberding <jwilberding@REDACTED> wrote:
> You can do most of these except the dictionary lookup with a regular
> expression. For dictionary lookup, I'd just take whatever dictionary
> cracklib uses, load it into a table or dict, and you are good to go for
> lookups.
>
> Thanks!
> Jordan Wilberding
>
> On Mon, Aug 16, 2010 at 3:34 AM, Gordon Guthrie <gordon@REDACTED>wrote:
>
>> Folks
>>
>> I was sitting fingers poised on the keyboard to write a module to test
>> password strength and I though, "haud on, somebody musta done this"...
>>
>> Does anyone know of a library module that checks passwords for:
>> * length
>> * dictionary attack
>> * contains numbers/punctuation
>> * etc, etc
>>
>> Or does anyone have the bones of one that could be turned into an open
>> source library (I would take on the maintenance if that was too much of a
>> chore).
>>
>> Gordon
>>
>> --
>> Gordon Guthrie
>> CEO hypernumbers
>>
>> http://hypernumbers.com
>> t: hypernumbers
>> +44 7776 251669
>>
>
>
--
Gordon Guthrie
CEO hypernumbers
http://hypernumbers.com
t: hypernumbers
+44 7776 251669
More information about the erlang-questions
mailing list