[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: identifying weak passwords

To: "Thierry Lacoste" <lacoste@univ-paris12.fr>
Subject: Re: identifying weak passwords
From: "Cleber P. de Souza" <cleberps@gmail.com>
Date: Wed, 6 Dec 2006 12:25:37 -0200
Cc: OpenLDAP-software <OpenLDAP-software@openldap.org>
Content-disposition: inline
In-reply-to: <001a01c717e4$1341a500$0201a8c0@aldebaran>
References: <001a01c717e4$1341a500$0201a8c0@aldebaran>

Another option is export you ldap user password on the form
userid:userPassword for a file and use John the Ripper to try crack
them.
Weaks passwords are shown on few minutes.
If your password is on SSHA format, you'll need apply a patch on the JtR.

On 12/4/06, Thierry Lacoste <lacoste@univ-paris12.fr> wrote:

I'm running OpenLDAP 2.3.24 on a production server.
As I was in a hurry and discovering LDAP when I installed it,
I didn't enforce any password policy.

Now I would like to identify weak passwords to warn their
users. What are my options?

Best regards,
Thierry.

--
***
Cleber P. de Souza

Follow-Ups:
- Re: identifying weak passwords
  - From: Thierry Lacoste <lacoste@univ-paris12.fr>

References:
- identifying weak passwords
  - From: "Thierry Lacoste" <lacoste@univ-paris12.fr>

Prev by Date: schemacheck in slapd.conf
Next by Date: Re: slapdd running at 100% of the cpu?
Index(es):
- Chronological
- Thread