Package: libcrack2 Version: 2.8.18-3 Severity: wishlist Tags: upstream Hi,
I think this is more a wishlist bug addressed at upstream, but anyway: There is a list available [1] that contains the 500 worst (i.e. most often used) passwords of all time. It contains a lot of obvious ones (and maybe misses some of the *too* obvious ones) and also some that pass the regular cracklib tests but are bad because they contain obvious references (to music, movies, etc.). It would be nice of the FascistCheck() function of libcrack2 could be extended to look up the given password in this list of 500 rather early and error out if it's found. Please tell me what you think about it and if you would accept a patch. - Fabian [1] http://www.whatsmypass.com/the-top-500-worst-passwords-of-all-time -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (501, 'unstable'), (101, 'experimental') Architecture: i386 (i686) Kernel: Linux 3.1.0-1-686-pae (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages libcrack2 depends on: ii libc6 2.13-24 ii zlib1g 1:1.2.5.dfsg-1 Versions of packages libcrack2 recommends: ii cracklib-runtime 2.8.18-3 libcrack2 suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org