We all know the password importance. It’s a best practices to use complex password.
Also, I recommend you to use the different password for each services such as email, ftp, ssh, etc.,
On top of that you should change the password frequently to avoid any unnecessary hacking attempt.By default RHEL and it’s clone uses cracklib
module to check password strength.
We are going to discuss, how to check the password strength using cracklib module.
If you would like to check the password score which you have created then use the pwscore
package.
If you would like to create a good password, basically it should have minimum 12-15 characters length.It should be created in the following combinations like, Alphabets (Lower case & Upper case), Numbers and Special Characters.
There are many utilities are available in Linux to check a password complexity and we are going to discuss about cracklib
module today.
How to install cracklib module in Linux?
The cracklib module is available in most of the distribution repository so, use the distribution official package manager to install it.
For Fedora
system, use DNF Command to install cracklib.
$ sudo dnf install cracklib
For Debian/Ubuntu
systems, use APT-GET Command or APT Command to install libcrack2.
$ sudo apt install libcrack2
For Arch Linux
based systems, use Pacman Command to install cracklib.
$ sudo pacman -S cracklib
For RHEL/CentOS
systems, use YUM Command to install cracklib.
$ sudo yum install cracklib
For openSUSE Leap
system, use Zypper Command to install cracklib.
$ sudo zypper install cracklib
How to use cracklib module in Linux to check Password complexity?
I have added few example in this article to make you understand better about this module.
If you use words like, person’s name or place name or common word then you will be getting an message “it is based on a dictionary word”.
$ echo "password" | cracklib-check password: it is based on a dictionary word
The default password length in Linux is Seven
characters. If you give any password less than seven characters then you will be getting an message “it is WAY too short”.
$ echo "123" | cracklib-check 123: it is WAY too short
You will be getting OK
When you give good password like us.
$ echo "ME$2w!@fgty6723" | cracklib-check ME!@fgty6723: OK
How to install pwscore in Linux?
The pwscore package is available in most of the distribution official repository so, use the distribution package manager to install it.
For Fedora
system, use DNF Command to install libpwquality.
$ sudo dnf install libpwquality
For Debian/Ubuntu
systems, use APT-GET Command or APT Command to install libpwquality.
$ sudo apt install libpwquality
For Arch Linux
based systems, use Pacman Command to install libpwquality.
$ sudo pacman -S libpwquality
For RHEL/CentOS
systems, use YUM Command to install libpwquality.
$ sudo yum install libpwquality
For openSUSE Leap
system, use Zypper Command to install libpwquality.
$ sudo zypper install libpwquality
If you are given any words like, person name or place name or common word then you will be getting a message “it is based on a dictionary word”.
$ echo "password" | pwscore Password quality check failed: The password fails the dictionary check - it is based on a dictionary word
The default password length in Linux is Seven
characters. If you give any password less than seven characters then you will be getting an message “it is WAY too short”.
$ echo "123" | pwscore Password quality check failed: The password is shorter than 8 characters
You will be getting password score
When you give good password like us.
$ echo "ME!@fgty6723" | pwscore 90