Bug 158191 - passwd checking module returns bad passwd inappropriately.
Product: Fedora
Classification: Fedora
Component: passwd
i386 Linux
medium Severity medium
Assigned To: Tomas Mraz
Mike McLean
Reported: 2005-05-19 10:27 EDT by akonstam
Modified: 2007-11-30 17:11 EST
Doc Type: Bug Fix
Last Closed: 2005-05-19 10:52:02 EDT
Description akonstam 2005-05-19 10:27:40 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.3) Gecko/20041005

Description of problem:
When entering a passwd to the passwd program the program returns message:
BAD PASSWORD: it is based on a dictionary word
For example, with the passwd: kgf08p
that message is returned. This passwd has all consonants and 2 numbers. What word could it be based on? This has happened to me on other passwds unrelated to words.
returns: Bad passwd: is too simple.
returns: Bad passwd: based on a (reversed) dictionary word.

It is frustrating.

What rules are being used? They seem screwy.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
2.Current unix passwd:
3.New passwd: fgk08p

Actual Results:  Bad passwd: based on a (reversed) dictionary word.

Expected Results:  Passwd would be accepted and a request to enter it again

Additional info:
Comment 1 Tomas Mraz 2005-05-19 10:52:02 EDT
The "too simple" is configurable by setting appropriate options to pam_cracklib
in the /etc/pam.d/system-auth.
The dictionary check is done by the cracklib library.

Generally it can be said that 6-letter passwords are too short.
Comment 2 akonstam 2005-05-19 12:28:19 EDT
I am not so concerned with 6 character passwd being too short. My real concern
is the claim that it is based on a dictionary word. This is not just one passwd
but every passwd I have tried. Now the passwd fgk08p is not based on any word I
know so something is wrong with the algorithm. And it is very annoying if I am
trying to explain to a 1000 students how to make an acceptable passwd.
Comment 3 Tomas Mraz 2005-05-19 12:43:15 EDT
The dictionary check does character substitutions and so on, so for the password
to pass it has to be different in more than x characters than any word in the
dictionary. The actual x value is in the cracklib sources and if it's for
example 4 then basically no 6-letter password can pass the check.

Feel free to reopen the bug and reassign it to cracklib; however, I don't think the
algorithm or the x value will be changed.
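
The rule as Comment 3 words it, modelled in Python as an added example (not cracklib's code and not part of the original bug thread). The substitution map, the six-word list and the threshold `x` are constructed assumptions, and a per-position comparison stands in for whatever distance cracklib really computes.

```python
# Added illustration of the rule described in Comment 3; NOT cracklib's algorithm.
# LEET, WORDS and the threshold x are constructed assumptions.

# Undo common character substitutions before comparing (assumed mapping).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "8": "b", "$": "s", "@": "a"})

# Constructed sample wordlist; a real dictionary holds far more entries,
# which makes a near match for a short password much more likely.
WORDS = ["fakery", "pebble", "kingly", "monkey", "secret", "dragon"]


def normalize(candidate):
    """Lower-case the candidate and reverse the substitutions in LEET."""
    return candidate.lower().translate(LEET)


def differing_chars(a, b):
    """Count positions where a and b differ, plus any length difference."""
    return sum(x != y for x, y in zip(a, b)) + abs(len(a) - len(b))


def closest_word(candidate, words=WORDS):
    """Return (word, distance) for the nearest word, also trying the reversed candidate."""
    norm = normalize(candidate)
    best = None
    for form in (norm, norm[::-1]):
        for word in words:
            dist = differing_chars(form, word)
            if best is None or dist < best[1]:
                best = (word, dist)
    return best


def check(candidate, x, words=WORDS):
    """Accept only if the candidate differs from every word in MORE than x characters.

    Returns (accepted, nearest_word, distance).
    """
    word, dist = closest_word(candidate, words)
    return (dist > x, word, dist)


if __name__ == "__main__":
    for pw in ("fgk08p", "correct-horse-battery"):
        print(pw, check(pw, x=4))
```

With `x = 4` a six-character candidate is accepted only if it shares at most one position with every dictionary word, so `fgk08p` fails on `fakery` (same `f` and `k`), while a longer passphrase clears the threshold on length alone.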
