It is actually telling us what it thinks is wrong.
What I had in mind was a message specific to the purportedly-bad
password, like "sequence oo causes failure of N3". Maybe embedded in
debugging/logging/verbose kind of output. You get the idea. Anyway.
First I would definitely propose we set match=0
I'm fine with that, FWIW.
if it fails pwqcheck I would like to look to see if it is a false
positive. Look to see if it has a reasonable amount of character
classes and if so then mark it okay.
Also sounds good to me.
Basically do what pwqcheck says that it is doing but isn't.
Indeed. I wonder if there is some sort of pwqcheck development going on
somewhere, newer version, etc...
Thanks,
k
