[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Password testing

On Mon, Aug 14, 2006 at 01:20:51PM +0200, kadafax wrote:
> Hi list,
> Is there a way to find weak passwords in a ldap tree with "password-hash {SSHA}" ? 
> What I want to do is something like using "john" on a un-shadowed /etc/passwd.
> My concern is that I have implemented strong requirements for password after filled up 
> the ldap tree.
> Thanks for any advices,
> kfx.

You can make your own password policy with pwdCheckQuality attribute.
It help you to demand good password.

For testing current passwords you can use some brute force tool.

Dmitriy Kirhlarov
OILspace, 26 Leninskaya sloboda, bld. 2, 2nd floor, 115280 Moscow, Russia
P:+7 495 105 7247 ext.208 F:+7 495 105 7246 E:DmitriyKirhlarov@oilspace.com
OILspace - The resource enriched - www.oilspace.com