On Fri, Jul 17, 2015 at 6:55 AM, Václav Ovsík <vaclav.ov...@i.cz> wrote: > Hi, > is there any way to set password quality enforcement better then its > minimal length ($MinimumPasswordLength)?
There is a BeforeUpdate callback in share/html/Admin/Users/Modify.html. Without looking deeper at the code I don't know if that will also catch "new" user creation. You'd have to write a little bit of code and put it in the callback and fail accordingly if the password didn't meet your requirements. > I mean something like > http://sourceforge.net/projects/cracklib > http://www.openwall.com/passwdqc/ > or so. > > Tried Anyone John The Ripper successfully with RT password hashes? We use an SSO in front of RT - so no need to have local hashes. -m