
W. Jason Gilmore

"Beginning PHP and MySQL: From Novice to Professional"

PHP offers a wonderful
means for doing so via the CrackLib library, created by Alec Muffett
(http://www.crypticide.com/dropsafe/). CrackLib is intended to test the strength of a password
by setting certain benchmarks that determine its guessability, including:
• Length: Passwords must be longer than four characters.
• Case: Passwords cannot be all lowercase.
• Distinction: Passwords must contain adequate different characters. In addition,
the password cannot be blank.
• Familiarity: Passwords cannot be based on a word found in a dictionary. In
addition, passwords cannot be based on the reverse spelling of a word found in
the dictionary. Dictionaries are discussed further in a bit.
• Standard numbering: Because CrackLib's author is British, he thought it a
good idea to check against patterns similar to what is known as a National Insurance
(NI) number. The NI number is used in Britain for taxation, much like the
Social Security number (SSN) is used in the United States. Coincidentally, both
numbers are nine characters long, allowing this mechanism to efficiently prevent
the use of either, if a user is naive enough to use such a sensitive identifier for
this purpose.
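
The rules listed above, sketched in plain PHP as an added example (not code from the book and not CrackLib's own algorithm). The function name check_password_rules, the threshold of five distinct characters, the NI/SSN patterns and the sample word list are assumptions made for illustration.

```php
<?php
// Added illustration of the rules listed above; NOT CrackLib's own algorithm.
// Assumptions: the function name, the threshold of 5 distinct characters,
// the NI/SSN regular expressions and the sample word list.
const MIN_DISTINCT = 5;

function check_password_rules(string $password, array $dictionary): array
{
    $failures = [];
    if ($password === '') {
        $failures[] = 'blank';
    }
    // Length: must be longer than four characters.
    if (strlen($password) <= 4) {
        $failures[] = 'length';
    }
    // Case: cannot consist only of lowercase letters.
    if (preg_match('/^[a-z]+$/', $password)) {
        $failures[] = 'case';
    }
    // Distinction: count_chars(..., 3) returns each distinct byte once.
    if (strlen(count_chars($password, 3)) < MIN_DISTINCT) {
        $failures[] = 'distinction';
    }
    // Familiarity: strip non-letters, then compare the remainder and its
    // reverse against the word list (a simplification of "based on").
    $core  = strtolower(preg_replace('/[^a-z]/i', '', $password));
    $words = array_map('strtolower', $dictionary);
    if ($core !== '' && (in_array($core, $words, true) || in_array(strrev($core), $words, true))) {
        $failures[] = 'familiarity';
    }
    // Standard numbering: NI-like (2 letters, 6 digits, 1 letter) or
    // SSN-like (9 digits, optional dashes) shapes.
    if (preg_match('/^[a-z]{2}\d{6}[a-z]$/i', $password)
        || preg_match('/^\d{3}-?\d{2}-?\d{4}$/', $password)) {
        $failures[] = 'numbering';
    }
    return $failures;
}

// Constructed sample data, for demonstration only.
$dictionary = ['password', 'dragon', 'secret'];
$samples = ['abc', 'terces', 'Dragon1', 'AB123456C', '123-45-6789', 'T7#kq!vZ2m'];
foreach ($samples as $pw) {
    $failed = check_password_rules($pw, $dictionary);
    printf("%-12s %s\n", $pw, $failed ? 'rejected: ' . implode(', ', $failed) : 'accepted');
}
```
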
Installing PHP's CrackLib Extension
To use the CrackLib extension, you need to first download and install the CrackLib
library, available at http://sourceforge.net/projects/cracklib.

