One of the common rules of password security is to never
pick a dictionary word or a minor substitution of a dictionary word as a
password. Despite this well known adage,
many password complexity filters will verify the number of uppercase,
lowercase, numerical, and special characters, as well as length, yet will never
check to see if the password contains a dictionary word. In this article, I demonstrate the
development of a Perl based password complexity filter that will check to see
if a password contains a dictionary word or a minor variant of one. The article can be accessed here: The Development of a Perl-based
Password Complexity Filter
For anyone interested in using this methodology in their own
Perl applications, the technique described in the article has been incorporated
into the Data::Password::Filter module
by Mohammad S Anwar. The Perl module can be found here: http://search.cpan.org/~manwar/Data-Password-Filter-0.04/lib/Data/Password/Filter.pm
No comments:
Post a Comment