Differences

This shows you the differences between two versions of the page.

--- passwdqc [2010/03/02 21:44]
solar further edits to the request for content
+++ passwdqc [2026/03/06 04:51] (current)
solar more https
@@ Line 1: / Line 1: @@
 ====== passwdqc user community resources ======
-[[http://www.openwall.com/passwdqc/|passwdqc]] is a password/passphrase strength checking and policy enforcement toolset, including an optional PAM module (//pam_passwdqc//), command-line programs (//pwqcheck// and //pwqgen//), and a library (//libpasswdqc//).
+[[https://www.openwall.com/passwdqc/|passwdqc]] is a password/passphrase strength checking and policy enforcement toolset, including an optional PAM module (//pam_passwdqc//), command-line programs (//pwqcheck// and //pwqgen//), and a library (//libpasswdqc//).
-===== Tutorials and OS-specific instructions =====
+===== Articles, tutorials, and OS-specific instructions =====
-  * [[http://codeidol.com/unix/bsd/The-Boot-and-Login-Environments/Create-an-Effective,-Reusable-Password-Policy/|A book chapter on how to enable and configure passwdqc on FreeBSD 5+]]
+  * [[passwdqc/policy]] (a **must read** before you possibly override passwdqc's defaults)
-  * [[http://www.daemonforums.org/showthread.php?p=17598|A forum posting that shows how to enable and configure passwdqc on FreeBSD 5+]] (also talks about pam_cracklib on CentOS, but fails to mention its drawbacks)
+  * [[passwdqc/solaris]]
-  * [[http://serverfault.com/questions/101998/enforcing-that-passwords-contain-a-certain-mixture-of-characters-on-red-hat-linux|How to enable and configure pam_passwdqc on a RHEL/Fedora/CentOS system]] from the NSA's [[http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf|Guide to the Secure Configuration of Red Hat Enterprise Linux 5]] (that's section 2.3.3.1.2 on page 38 in Revision 3 of the Guide)
+  * [[passwdqc/rockyou]]
-  * [[http://www.cromwell-intl.com/security/linux-hardening.html|Three configuration examples for Linux, with explanations]] (scroll down or search for "Enforce password quality" or just go to the end of the lengthy web page)
+  * [[https://www.openwall.com/lists/john-users/2011/02/20/2|passwdqc tested on KoreLogic's DEFCON 2010 contest passwords]]
-  * [[http://www.hpug.org.uk/index.php?option=com_content&task=view&id=273&Itemid=63|How to obtain, install, and configure pam_passwdqc on HP-UX 11]] (scroll down or search for "How to configure PAM passwdqc password strength checking" on that lengthy web page)
+  * [[https://daemonforums.org/showthread.php?t=1019#post7413|A forum posting that shows how to enable and configure passwdqc on FreeBSD 5+]] (also talks about pam_cracklib on CentOS, but fails to mention its drawbacks)
+  * [[https://serverfault.com/questions/101998/enforcing-that-passwords-contain-a-certain-mixture-of-characters-on-red-hat-linux|How to enable and configure pam_passwdqc on a RHEL/Fedora/CentOS system]] from the NSA's "Guide to the Secure Configuration of Red Hat Enterprise Linux 5" (that's section 2.3.3.1.2 on page 38 in Revision 3 of the Guide)
+  * [[https://undeadly.org/cgi?action=article&sid=20100621091027|The OpenBSD Journal (undeadly.org) story on passwdqc, including brief instructions and OpenBSD-specific info]]
+  * [[https://www.slideshare.net/antondedov5/zn2013-testing-of-password-policy-abridged|Testing of password policy (ZeroNights 2013 slides)]] by Anton Dedov (Parallels), comparing passwdqc 1.3.0 with default settings against 4 other password strength checking tools
+  * [[https://password-policy-testing.wikidot.com/results|Comparing the tools against 3 formal policy descriptions]], also by Anton Dedov
-**Please feel free to add** to the list above, as well as to the one below.  External links are OK, but except for links to packages it is preferred that you **create new pages** right on this wiki, under the passwdqc DokuWiki namespace - e.g., there could be a page with [[passwdqc/solaris|instructions on setting up passwdqc on Solaris]] (it does not exist yet).  To edit this wiki, you need to [[http://openwall.info/wiki/passwdqc?do=register|register for an account]] and [[http://openwall.info/wiki/passwdqc?do=login|log in]], then use the "Edit this page" (when on an existing page) and "Create this page" (when on an URL for a page that does not exist yet) buttons at the bottom.  You may also use the "Subscribe Changes" button to be notified (by e-mail) of any changes to the wiki page you're on.
+===== Non-English materials =====
+  * Russian discussion threads around the passwdqc 1.2.0 release and password security in general on [[https://www.opennet.ru/opennews/art.shtml?num=25838|OpenNet]] and [[https://www.linux.org.ru/news/security/4666947|linux.org.ru]] with many answers by [[:people/solar|Solar Designer]]
+===== Ports to and bindings for other programming languages =====
+These are third-party and unofficial:
+  * [[https://github.com/dchest/passwordcheck|Go bindings]] ([[https://godoc.org/github.com/dchest/passwordcheck|documentation]]) by [[https://dchest.com/about/|Dmitry Chestnykh]]
+  * [[https://github.com/odin-public/passwdqc-js|JavaScript port]] ([[https://jsfiddle.net/burashka/mdhs4/2/embedded/result/|demo]]) by Parallels (now Odin)
+  * [[https://metacpan.org/release/Data-Password-passwdqc|Perl module in CPAN]] by Sherwin Daganato
+  * [[https://github.com/helver/PHP_passwdqc_check|PHP_passwdqc_check]] by Eric Helvey, and [[https://github.com/timoh6/GenPhrase|GenPhrase]] by Timo H
+  * [[https://alastairs-place.net/projects/pwtools/|Python package]] (reimplementation with changes) by Alastair Houghton
+  * [[https://download.openwall.net/pub/projects/passwdqc/contrib/ruby/|Ruby projects derived from passwdqc]] by different authors
+[[https://download.openwall.net/pub/projects/passwdqc/contrib/|Local copies of these resources]]
+Additionally, passwdqc 1.3.0+ includes an official PHP wrapper script pwqcheck.php for the command-line pwqcheck program.
 ===== Packages of passwdqc =====
-==== ALT Linux ====
+==== By distribution ====
+=== ALT Linux ===
+  * [[https://packages.altlinux.org/en/sisyphus/srpms/passwdqc"]]
+  * [[https://git.altlinux.org/people/ldv/packages/?p=passwdqc.git]]
+=== Arch Linux ===
+  * [[https://aur.archlinux.org/packages/passwdqc-utils]]
+=== Debian ===
+  * [[https://packages.qa.debian.org/p/passwdqc.html]]
+=== Fedora ===
+  * [[https://packages.fedoraproject.org/pkgs/passwdqc/passwdqc/]]
+=== Gentoo ===
+  * [[https://packages.gentoo.org/packages/sys-auth/passwdqc]]
+=== NetBSD ===
+  * [[https://pkgsrc.se/security/pam-passwdqc]]
+=== OpenBSD ===
+  * [[https://www.mindrot.org/projects/passwdqc/]]
+  * [[https://openports.pl/path/security/passwdqc]]
-  * [[http://sisyphus.ru/en/srpm/passwdqc]]
+=== OpenSUSE ===
-  * [[http://git.altlinux.org/people/ldv/packages/?p=passwdqc.git]]
-==== Debian ====
+  * [[https://software.opensuse.org/package/passwdqc]]
-  * [[http://packages.qa.debian.org/p/passwdqc.html]]
+=== PLD ===
-  * [[http://bugs.debian.org/cgi-bin/pkgreport.cgi?src=passwdqc]]
-  * [[http://git.debian.org/?p=collab-maint/passwdqc.git]]
-==== Gentoo ====
+  * [[https://git.pld-linux.org/gitweb.cgi?p=packages/passwdqc.git]]
-  * [[http://gentoo-portage.com/sys-auth/pam_passwdqc]]
+=== RHEL alikes ===
-==== NetBSD ====
+  * [[https://sig-security.rocky.page/packages/passwdqc/]]
-  * [[http://pkgsrc.se/security/pam-passwdqc]]
+=== Ubuntu ===
-==== OpenBSD ====
+  * [[https://packages.ubuntu.com/source/passwdqc]]
-  * [[http://www.mindrot.org/projects/passwdqc/]]
+==== By package format ====
-  * [[http://www.openbsd.org/cgi-bin/cvsweb/ports/security/passwdqc/]]
-==== Ubuntu ====
+=== RPM ===
-  * [[http://packages.ubuntu.com/source/lucid/passwdqc]]
+  * [[https://rpmfind.net/linux/rpm2html/search.php?query=passwdqc]]
-  * [[http://packages.ubuntu.com/search?keywords=passwdqc]]
+  * [[https://rpms.remirepo.net/rpmphp/zoom.php?rpm=passwdqc]]