Hi All I have been looking at PAM modules to ensure good passwords. Currently we use cracklib with PAM & a huge dictionary. I have looked around & seen Solar Designer's pam_passwdqc as a drop in replacement. I have seen comments on the list saying that it will replace cracklib. My question is that cracklib has a huge dictionary & I can add to it. But, pam_passwdqc has a small dictionary in wordset_4k.c (it doesn't even have the word "snoopy" ;-) I don't feel as safe with pam_passwdqc as it has a small dictionary, yet Solar Designer really has it in for libcrack, and I respect Solar Designer's opinion. The function is_word_based() in passwdqc_check.c states that the dictionary check is not very important - how true is that? Can anyone shed any light on my quandary? Thanks John
