Subject: Re: security/10206 - proposed solution (concept)
To: Elad Efrat <>
From: Thor Lancelot Simon <>
List: tech-security
Date: 08/17/2005 14:10:02
On Wed, Aug 17, 2005 at 01:05:22AM +0300, Elad Efrat wrote:
> Hi,
> I've written concept code, still work in progress, that allows an
> admin to set a password policy in /etc/passwd.conf.
> The current version has the following options when setting a policy:
> minlen, maxlen, upper, lower, digits, punct.

I'd like to see a "zbits" option: how many bits of entropy are in
the password as approximated by the size when compressed with some
reasonable compressor.  Not so useful with short passwords, quite
useful when one is requiring long phrases.