Article: 4290 of comp.lang.perl Xref: feenix.metronet.com comp.lang.perl:4290 Newsgroups: comp.lang.perl Path: feenix.metronet.com!news.utdallas.edu!convex!convex!convex!darwin.sura.net!howland.reston.ans.net!ux1.cso.uiuc.edu!milo.mcs.anl.gov!support From: support@mcs.anl.gov (Support) Subject: Announcing ANLpasswd Message-ID: Sender: usenet@mcs.anl.gov Organization: Math & Computer Science Divison, ANL Date: Fri, 16 Jul 1993 18:58:15 GMT Lines: 53 Announcing "ANLpasswd" (formally perl-passwd2). While other programs check for bad passwords after the fact, it is important to have good passwords at all times, not just after the latest Crack run. To this end we have modified Larry Wall's Perl password program and added; "ypsmarts", so that it does the intelligent thing in an NIS environment, it allows for gecos changes, and also checks a sorted list of all the "bad passwords". The list of bad passwords are ALL the words that Crack will generate, given all the dictionaries that we could get our hands on (107 MB of unique words, so far). The combination of improvements has turned publicly available code into a powerful tool that can aid sites in the maintenance of local security. We have presented this code at SURF 92 and SUG 92. It has also been referenced in _Unix Review_. We have been using it for a year now and haven't had any major problems. I know that a couple other sites are also using it. It currently runs on: Sun, IBM, NeXT, SGI, Intel iPSC860, Alliant, Encore, BBN TC200, Solbourne, Sequent. Also if you enter a reasonable email address to our not-so-anonymous ftp server, we will notify you of any updates. It can be anonymous ftp'd from: info.mcs.anl.gov You'll find the whole package in: /pub/systems/anlpasswd-2.0.tar.Z If you find it useful, please let us know. Also please let us know of any improvements you may add. --Mark Mark Henderson Building 203 Room C-250 Manager, Advanced Computing 9700 South Cass Avenue Argonne National Laboratory Argonne, Illinois 60439 Support@mcs.anl.gov