The kadmin documentation describes 5 character classes recognized by password policy: uppercase, lowercase, numbers, punctuation, and other. That last one is causing me a lot of heartache at the moment. Is there a way to disable the fifth class, or specifically require each of the first four?
I ask because my understanding of the 5th class is that it is entirely non-printable characters. A password policy that requires all 5 will be difficult for a user to comply with since non-printable characters are hard (sometimes impossible) to type. But a password policy that requires 4 of the 5 leaves open the possibility of excluding one of the first 4 if a user actually manages to enter something that falls into that last class. It's very common for company policies, for example, to require a number in password. In this scheme, that's not possible to enforce unless you require all 5. Is there another way to tackle this or is there something that I'm missing here? Thanks, Paul ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
