[Date Prev][Date Next]
Re: identifying weak passwords
Another option is export you ldap user password on the form
userid:userPassword for a file and use John the Ripper to try crack
Weaks passwords are shown on few minutes.
If your password is on SSHA format, you'll need apply a patch on the JtR.
On 12/4/06, Thierry Lacoste <email@example.com> wrote:
I'm running OpenLDAP 2.3.24 on a production server.
As I was in a hurry and discovering LDAP when I installed it,
I didn't enforce any password policy.
Now I would like to identify weak passwords to warn their
users. What are my options?
Cleber P. de Souza