Subject: Re: Chapter 8 security
To: None <>
From: Steven M. Bellovin <>
List: current-users
Date: 04/16/2004 15:12:38
In message <>, Thor Lancelot Simon writes:

>1) The password-strength requirements earlier in the document (you'll need
>   to modify /etc/passwd to enforce these restrictions, but I believe you
>   can in fact use the cracklib package to do this quite easily)

There's another section that speaks of password generation.  See pkgsrc/
security/apg, which implements a NIST scheme for password generation.

		--Steve Bellovin,