Date: Sat, 13 Jan 2001 13:43:47 -0500 (EST) From: Dru <genisis@istar.ca> To: questions@freebsd.org Cc: security@freebsd.org Subject: opinions on password policies Message-ID: <Pine.BSF.4.21.0101131321210.89486-100000@genisis>
next in thread | raw e-mail | index | archive | help
Please don't flame me if this is not appropriate content for security, I wasn't sure after reading the charter. If it's inappropriate, a polite email will suffice :) After spending a week trying to use my rudimentary programming skills to hack Makefiles and C source code, I've failed miserably in getting either "npasswd" or "passwd+" to compile on 4.2-Release. So I have some questions for the BSD sysadmins out there: * Is the lack of a port for either of these utilities an indication that noone uses them? If that's the case, what do sysadmins use to enforce good passwords? * Those admins I have talked to seem to prefer using "crack" after the fact. Is this common practice? I may be showing my Unix-greenness here, but when I was taught to admin other OSs, password policies were always a 2-step process: use whatever utilities for that OS would enforce policy and then periodically crack the password database to ensure it worked. Is this not done in BSD-land? * Has ANYONE been able to build "npasswd" or "passwd+" on FreeBSD? After a week of effort, it would be great to have the satisfaction of seeing it work :) TIA, Dru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0101131321210.89486-100000>