Red Hat Bugzilla – Bug 170742
Revelation password check fails to check dictionary words
Last modified: 2007-11-30 17:11:15 EST
Description of problem:
Revelation password check has a bug that causes very insecure passwords to be
classed as "strong".
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. View->Password Checker
2. Type in: mypassword
"The password is good"
"The password is based on a word"
This is happening because crack.so is looking in the wrong place for its
dictionary. Patch to follow.
Created attachment 119970 [details]
Here's the fix.
(In reply to comment #0)
> Description of problem:
> Revelation password check has a bug that causes very insecure passwords to be
> classed as "strong".
Fixed in cvs and new packages build. But I used a different fix -- it uses the
cracklib-dicts package from core now (as it should have done from the beginning)
and not the dict that is shipped with revolution (that is removed during