Thanks for the informative post. Folks should know better than to use trivial passwords but we all seem to need constant reminding. pam_cracklib is certainly helpful for improving passwords. You might also want to make use of the pam_passwdqc (password quality check) module [http://linux.die.net/man/8/pam_passwdqc]. There is overlap with pam_cracklib’s functionality. But pam_passwdqc allows you to enforce some additional characteristics, particularly for passphrases.

Regards,
George Wilson

Thanks for leading off the guest blog entries!

Dark Reading also had a recent article about analyzing passwords used on phpbb.com which shown that passwords have not really improved all that much since 2006! See http://www.darkreading.com/blog/archives/2009/02/phpbb_password.html

Thanks for posting this useful info!

Emily