Bug#724627: cracklib-runtime: cracklib-check should deny key-runs with dvorak keyboard variants

2017-02-23 Thread Alexander Perlis 
It's not that qwerty layout runs per se are denied, it's that too many 
consecutive character pairs are denied. Certain qwerty layout runs 
simply happen to contain many consecutive character pairs.


As the prior message observes, the bug is annoying: augmenting an 
otherwise acceptable password by appending consecutive characters 
renders it no longer acceptable!


The bug is real, but has nothing to do with qwerty-vs-dvorak. The Fedora 
project addresses it by simply disregarding consecutive character pairs 
as adding any "length strength".


-/*  Change by Ben Karsin from ITS at University of Hawaii at Manoa. 
 Static MAXSTEP

-would generate many false positives for long passwords. */
-maxrepeat = 3+(0.09*strlen(password));
-if (i > maxrepeat)
+/*  We were still generating false positives for long passwords.
+Just count systematic double as a single character. */
+if (len - i < MINLEN)

Regards,
Alex

Bug#724627: cracklib-runtime: cracklib-check should deny key-runs with dvorak keyboard variants

2013-09-25 Thread Tore Ferner 
Package: cracklib-runtime
Version: 2.8.19-3
Severity: wishlist

Dear Maintainer,

Normal qwerty layout key-runs are denied:

  $ sudo cracklib-check
  asdfghjkl
  asdfghjkl: it is too simplistic/systematic

but the same run with dvorak is accepted:

  aoeuidhtn
  aoeuidhtn: OK

This leads to somewhat counterintuitive results like:

  ,.pyfgc
  ,.pyfgc: OK
  ,.pyfgcrl12345
  ,.pyfgcrl12345: it is too simplistic/systematic

Neither password is good, but...

Best regards,
Tore



-- System Information:
Debian Release: 7.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=nb_NO.utf8, LC_CTYPE=nb_NO.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages cracklib-runtime depends on:
ii  file   5.11-2
ii  libc6  2.13-38
ii  libcrack2  2.8.19-3
ii  zlib1g 1:1.2.7.dfsg-13

Versions of packages cracklib-runtime recommends:
ii  wamerican [wordlist]   7.1-1
ii  wnorwegian [wordlist]  2.0.10-5.1
ii  wspanish [wordlist]1.0.26
ii  wswedish [wordlist]1.4.5-2.1

cracklib-runtime suggests no packages.

-- Configuration Files:
/etc/logcheck/ignore.d.paranoid/cracklib-runtime [Errno 13] Ikke tilgang: 
u'/etc/logcheck/ignore.d.paranoid/cracklib-runtime'

-- debconf-show failed


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org