http://www.perlmonks.org?node_id=125048


in reply to Checking how safe a given password is.

While it's not exactly a module, I've heard good things (haven't experimented with it yet {need to file for the white hat application ;)}) about John the Ripper. You could call that with backticks, capturing the output within your Perl script.

Jason

  • Comment on Re: Checking how safe a given password is.

Replies are listed 'Best First'.
Re: Re: Checking how safe a given password is.
by sifukurt (Hermit) on Nov 13, 2001 at 19:37 UTC
    I've used it. Two BIG thumbs up. Works like a charm. In addition to John the Ripper, here are a few more you may want to look into. I haven't used all of them, but most of them. Some are easier to use than others, but all work as advertised. In no particular order:
    • crackerjack (*nix -- one of the best, IMHO)
    • l0phCrack (Win32)
    • Qcrack (*nix)
    • ScanNT (Win32)
    • crack (*nix)
    • Hades (*nix)
    • NTCrack (Win32)
    • Hellfire Cracker (*nix)
    Something that I've done in the past that has worked well, which encourages users to use Good Passwords™, is to hold a contest, and whoever's password lasts the longest against several of the above, they get some sort of prize. In my experience, it works better to encourage good password practices than to harp at people for bad passwords.
    ___________________
    Kurt