I haven't checked the configuration in some time, so I don't know about minimum password requirements.
I did recall this patch on SourceForge to call out to cracklib and require a strong password. If you're comfortable with Javascript, you could modify the change password screen to dynamically update a password status (weak, strong, secure) and only enable the "change" button when both password fields match and meet minimum password requirements. -Tom On Oct 29, 2014, at 11:08 AM, <pbre...@purplecat.net> <pbre...@purplecat.net> wrote: > Tom, > > Thanks for the reply. Of course, sorry for the naïve query. Yes we use > qmailadmin to allow password changes by end users. > > And we’ve just found a writeup here: > http://mugurel.sumanariu.ro/qmail/qmailadmin-check-if-password-is-strong-enough/ > but it seems a little dodgy. > > There isn’t by any chance a build time variable for qmail admin or something > a little more within the source tree than the above patch method? > > Thanks again for your reply. > > > Sincerely, > > Peter Brezny > Purplecat Networks Inc. > www.purplecat.net > 828-250-9446 > > From: Tom Collins > Sent: Wednesday, October 29, 2014 1:56 PM > To: vchkpw@inter7.com > > The vchkpw program verifies the password. Are you wondering about the > vpasswd program for changing a password? That's an admin program, and > wouldn't typically enforce a password change policy. > > How do your users currently change their passwords? QmailAdmin? Some other > program? You would have to incorporate password requirements into that > program, and not the one that validates a password. > > -Tom > > > On Oct 29, 2014, at 7:42 AM, Peter Brezny wrote: > > Dear vchkpw@inter7.com, > > > > Is there a way to enforce a minimum length and character combination > > (letters, numbers, upper case) with vchkpw and if not, are there patches or > > external applications that integrate well with vchkpw to get this > > functionality? > > > > > !DSPAM:5451791d26511096114170!
