[erlang-questions] Module For Enforcing Password Strength
Michael Santos
michael.santos@REDACTED
Mon Aug 16 20:33:21 CEST 2010
On Mon, Aug 16, 2010 at 05:52:48PM +0100, Gordon Guthrie wrote:
> Richard
>
> > cracklib. C bindings. Write your own wrapper.
>
> Kinda what I was hoping NOT to have to do :(
>
> Had a go at writing a C port driver a couple of years ago and didn't really
> get anywhere...
Just for fun, I wrote an interface to libcrack and put it here:
http://github.com/msantos/cerck
Adding support for checking the length and the presence of characters
besides those in the alphabet should be simple. I'll add them later
but, it'd probably be better to write all of this in pure Erlang.
One thing to watch out for: libcrack calls exit() if the dictionnary
files don't exist, which will cause the vm to exit.
> On 16 August 2010 11:20, Richard Andrews <bflatmaj7th@REDACTED> wrote:
>
> > cracklib. C bindings. Write your own wrapper.
> >
> > On Mon, Aug 16, 2010 at 6:34 PM, Gordon Guthrie <gordon@REDACTED>
> > wrote:
> > > Folks
> > >
> > > I was sitting fingers poised on the keyboard to write a module to test
> > > password strength and I though, "haud on, somebody musta done this"...
> > >
> > > Does anyone know of a library module that checks passwords for:
> > > * length
> > > * dictionary attack
> > > * contains numbers/punctuation
> > > * etc, etc
> > >
> > > Or does anyone have the bones of one that could be turned into an open
> > > source library (I would take on the maintenance if that was too much of a
> > > chore).
> > >
> > > Gordon
> > >
> > > --
> > > Gordon Guthrie
> > > CEO hypernumbers
> > >
> > > http://hypernumbers.com
> > > t: hypernumbers
> > > +44 7776 251669
> > >
> >
>
>
>
> --
> Gordon Guthrie
> CEO hypernumbers
>
> http://hypernumbers.com
> t: hypernumbers
> +44 7776 251669
More information about the erlang-questions
mailing list