I was thinking along the lines of pam_passwdqc, well part of it.
The password should contain at least 3 different character categories.
The categories being: lowercase, uppercase, special characters and numbers
Not specifically a minumum number of uppercase/lowercase/...
Off course there should be no user data in the password, it should not even contain the username as a substring. But I think that code is already in CVS. It's checking for cn, givenname, surname, ... attributes
A dictionarry check would be nice but I would maybe make this optional.
I guess that if we make the rules too stringent the enduser may complain
Greetings,
Jo
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
