Hello...
I recently found a site-callout script that I pointed the
enhanced security 'd_pw_site_callout' entry to in /etc/auth/system/default,
running 5.0a. It does a pretty good job checking for obvious stuff, but it
DOES allow using a password of username followed by a number (i.e. username6).
It won't allow a number followed by a username, neither just the username.
I also compiled this code using the cracklib libraries,, but that also
allows it.
Does anybody know how to get around this? Thanks in advance...
-Ken Kleiner
System Manager
Umass Lowell
Received on Wed Jul 19 2000 - 19:37:06 NZST