Link to home
Start Free TrialLog in
Avatar of z670193

asked on

UNIX password integrity check

Could one of you Gurus point me to a script/package that would check the integrity of the  user passwords currently residing on the server. I am looking at securing UNIX servers, and this is part of it.

I would appreciate your feedback.
Avatar of ozo
Flag of United States of America image

how does one tell the difference between a password with integrity and a password without integrity?
I think you can configure the system to enforce some password policy.  Then you can set the existing users' password as expired.  On their next login, they will need to change their password.

Are you asking for a script that would let you extract a password and then attempt to crack it by dictionary or brute force methods?

Does "integrity" mean not easily guessable?
Avatar of Tintin

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of z670193


thanks for all the suggestions..

I am trying John the Ripper as we speak. It is taking quite a bit of time and takes up lots of cpu cycle.

Duncan_roe, have you tried the tool you are suggesting (pam-cracklib)? Has anybody tried it? I wanted to get some feedback before getting it.

Any other suggestions?

Avatar of z670193


Integrity definition for ozo:

in·teg·ri·ty      /jnÈt[grjti/ Pronunciation Key - Show Spelled Pronunciation[in-teg-ri-tee] Pronunciation Key - Show IPA Pronunciation
##      a sound, unimpaired, or perfect condition: the integrity of a ship's hull.
No I don't really have a need for such a tool myself. Years ago I was doing some work for an outfit in Boston who had a remarkably good dictionary lookup - rejected all my usual passwords. So I knew dictionary lookup checkers had to exist and googled for a free one.
Is "xyzzy" a sound, unimpaired, or perfect condition?
Is "xyS5pI/daxOBw" a sound, unimpaired, or perfect condition?