Right now I am renewing some of my passwords, simply changing passwords of my accounts in sites that I created 6 months or 1 year ago, as it is not my intention to always leave the same password because… now I am renewing some.
A few moments ago I wrote an article about makepasswd and I had already written another about pwgen (I keep using this) but now I have the doubt: How secure are my passwords?
Although it is true that when using lower case, upper case, numbers and other characters it is known that really strong passwords are generated, it is always good for an application to tell you: «yes kid, your passwords are excellent»😀
For this there is the command cracklib check (belongs to the package libcrack2)
To install it simply install that package: libcrack2 (on Debian - » sudo apt-get install libcrack2 and in Ubuntu - » sudo apt-get install cracklib-runtime libcrack2)
Then we just have to pass the password and that's it, that is ... we execute it in a terminal:
sudo cracklib-check
They will see that it is waiting, that is, it only shows us the cursor to write ... there let's say for example: desdelinux.net and ... I leave you a screenshot that will surely help you understand:
As you can see, they write a password and press [Enter] and it will tell them how good / secure their password is, the criteria is based on whether the password contains NOT only letters, as well as different letters, etc.
Another way to check a password is using echo and passing the password with a pipe to cracklib-check, at the end of the screenshot I showed you how, basically:
echo "el-password-que-quieran-comprobar" | sudo cracklib-check
And well there is not much more to add, this I imagine you will find interesting 😀
regards
Will there be something similar in Arch repos?
It seems to me that it is php-crack (AUR), but I just tried to install it and it gives me compilation error. And I am lazy to find how to fix it. 😛
Me too, too bad ...
Nope, it was not that, it is cracklib that is in the repos, but I do not like that it only responds with an OK. I prefer the site I put in the comments of the other article which estimates the time it would take to crack the password.
Interesting, but in X / ubuntu just installing libcrack2 is not enough, you need to install cracklib-runtime.
Thanks for the information, I already edit the post 😀
It is an interesting point but in Spanish the tool does not contemplate many things, I have put some words that seemed obvious to me and they have given OK being that it should show them as dictionary-based. So it should not be taken as a definitive "security". Cheers
A few days ago I found a pass checker in html and javascript, the coolest and most portable, it comes by default in the total commander 2012 that is fashionable for win users.
I did not know this tool, very interesting. Thanks KZKG ^ Gaara 🙂.
I begin to imagine why they consider you a Taliban!
Hehehe!
Greetings and Thanks for the tip!
In arch is in core so enough
#sudo pacman -S cracklib