How To Check Password Strength In Linux With Cracklib?
Password security is important subject in IT. We call it password but actually it is a key to enter systems. Making authentication password-less by using key based authentication is more secure but it is not always possible. So for the password based authentication password strength is important.
How Can We Make Passwords Strong
Actually making passwords strong is easy. Important thing is making this as default behavior. Just typing more 5 character will make our systems like a castle.
- At least use 14 characters
- Use easy to remember expression
- Use . , ; ” ! more than 3 times
Ubuntu, Debian, Kali, Mint:
We will install
cracklib-runtime package with the following command for Ubuntu, Debian, Kali and Mint.
$ sudo apt-get install cracklib-runtime -y
Fedora, CentOS, RedHat:
cracklib is the package we will install in Fedora, CentOS, RedHat.
$ yum install cracklib.x86_64 -y
Check Given Password
There are different tools provided by
cracklib but the most useful and important one is
cracklib-check command. We will provide the password we want to check to the
cracklib-check command as standard input.
We will check the password
123456 which is insecure as we know.
$echo "123456" | cracklib-check
it is too short message means we need to use more characters than given password.
$ echo "admin" | cracklib-check
Ok or Password Is Secure
If the given password is secure the
OK message is printed to the screen.
$ echo "3dAmI12." | cracklib-check
Check Multiple Password From File
If checking passwords one by one is long process we can check password with a single run by providing them from a file. In this example we will write all passwords into file named
pass and redirect to the
cracklib-check command like below.
$ cat pass | cracklib-check