However,
if the password is weak, one of a number of different messages could be returned.
Table 14-1 offers a few other passwords, and the resulting outcome from passing
them through crack_check().
CHAPTER 14 ?– AUTHENTICATING YOUR USERS 383
By writing a short conditional statement, you can create user-friendly, detailed
responses based on the information returned from CrackLib. Of course, if the response
is strong password, you can allow the user??™s password choice to take effect.
Dictionaries
Listing 14-10 uses the cracklib_dict.pwd dictionary, which is generated by CrackLib
during the installation process. Note that in the example, the extension .pwd is not
included when referring to the file. This seems to be a quirk with the way that PHP
wants to refer to this file, and could change some time in the future so that the extension
is also required.
You are also free to use other dictionaries, of which there are many freely available
on the Internet. Furthermore, you can find dictionaries for practically every spoken
language. One particularly complete repository of such dictionaries is available on the
University of Oxford??™s FTP site: ftp.ox.ac.uk. In addition to quite a few language dictionaries,
the site offers a number of interesting specialized dictionaries, including one
containing keywords from many Star Trek plot summaries. At any rate, regardless of the
dictionary you decide to use, simply assign its location to the crack.
Pages:
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462