> >> You can lead a user to a good password but you can only make them use it for >> so long. > >What about a fascist passwd program which refers to a dictionary and >rejects "easy" passwords? Does such an animal exist? > Yes, such a program does exist for UNIX. It's actually a library called 'CrackLib' which can easily be compiled into a program to check for 'easy-to-guess' passwords. It checks the password against the local dictionary as well as the user's personal info such as their real name (as kept in the passwd file), and so on. I've used it and it seems to work quite nicely. There may also be other similar programs. Using archie, you can search for 'cracklib25' to find sites that have it. Or you can get it via ftp from: coombs.anu.edu.au in /pub/security/words/cracklib25.tar.Z Steve schew@tis.com