Hello all-

We have multiple Unix systems at our site, the most prevalent being HP-UX. One of areas for improvment is around passwords. Yes I know, big surprise. What we are finding out is that for now we have to reactively attack this area, meaning going through occasionally and cracking passwords, notifying the users of those weak passwords, per server and then wait for them to change their password and retest.

We realize that this is a temporary and even a shaky strategy, so we want to take a proactive approach, much like they can in the Windows world with strong passwords turned on. We already have password aging turned on, however we cannot at this time, check the strength of the passwords when entered.

So does anyone know of an application or tool that works for unix that checks peoples passwords when they change them?

We will soon be also pursuing LDAP-UX once AD is rolled out on the Windows side.

Please advise.

Thanks!