In message <20040416190325.GA26196@panix.com>, Thor Lancelot Simon writes:

>
>1) The password-strength requirements earlier in the document (you'll need
>   to modify /etc/passwd to enforce these restrictions, but I believe you
>   can in fact use the cracklib package to do this quite easily)
>

There's another section that speaks of password generation.  See pkgsrc/
security/apg, which implements a NIST scheme for password generation.

		--Steve Bellovin, http://www.research.att.com/~smb