Different ways to check password Complexity/Strength and Score in Linux?

We all know the password importance. It’s a best practices to use complex password.

Also, I recommend you to use the different password for each services such as email, ftp, ssh, etc.,

On top of that you should change the password frequently to avoid any unnecessary hacking attempt.By default RHEL and it’s clone uses cracklib module to check password strength.

We are going to discuss, how to check the password strength using cracklib module.

If you would like to check the password score which you have created then use the pwscore package.

If you would like to create a good password, basically it should have minimum 12-15 characters length.It should be created in the following combinations like, Alphabets (Lower case & Upper case), Numbers and Special Characters.

There are many utilities are available in Linux to check a password complexity and we are going to discuss about cracklib module today.

How to install cracklib module in Linux?

The cracklib module is available in most of the distribution repository so, use the distribution official package manager to install it.

For Fedora system, use DNF Command to install cracklib.

$ sudo dnf install cracklib

For Debian/Ubuntu systems, use APT-GET Command or APT Command to install libcrack2.

$ sudo apt install libcrack2

For Arch Linux based systems, use Pacman Command to install cracklib.

$ sudo pacman -S cracklib

For RHEL/CentOS systems, use YUM Command to install cracklib.

$ sudo yum install cracklib

For openSUSE Leap system, use Zypper Command to install cracklib.

$ sudo zypper install cracklib

How to use cracklib module in Linux to check Password complexity?

I have added few example in this article to make you understand better about this module.

If you use words like, person’s name or place name or common word then you will be getting an message “it is based on a dictionary word”.

$ echo "password" | cracklib-check
password: it is based on a dictionary word

The default password length in Linux is Seven characters. If you give any password less than seven characters then you will be getting an message “it is WAY too short”.

$ echo "123" | cracklib-check 
123: it is WAY too short

You will be getting OK When you give good password like us.

$ echo "ME$2w!@fgty6723" | cracklib-check
ME!@fgty6723: OK

How to install pwscore in Linux?

The pwscore package is available in most of the distribution official repository so, use the distribution package manager to install it.

For Fedora system, use DNF Command to install libpwquality.

$ sudo dnf install libpwquality

For Debian/Ubuntu systems, use APT-GET Command or APT Command to install libpwquality.

$ sudo apt install libpwquality

For Arch Linux based systems, use Pacman Command to install libpwquality.

$ sudo pacman -S libpwquality

For RHEL/CentOS systems, use YUM Command to install libpwquality.

$ sudo yum install libpwquality

For openSUSE Leap system, use Zypper Command to install libpwquality.

$ sudo zypper install libpwquality

If you are given any words like, person name or place name or common word then you will be getting a message “it is based on a dictionary word”.

$ echo "password" | pwscore
Password quality check failed:
 The password fails the dictionary check - it is based on a dictionary word

The default password length in Linux is Seven characters. If you give any password less than seven characters then you will be getting an message “it is WAY too short”.

$ echo "123" | pwscore
Password quality check failed:
 The password is shorter than 8 characters

You will be getting password score When you give good password like us.

$ echo "ME!@fgty6723" | pwscore
90

About Magesh Maruthamuthu

Love to play with all Linux distribution

View all posts by Magesh Maruthamuthu

Leave a Reply

Your email address will not be published. Required fields are marked *