Follow @Openwall on Twitter for new release announcements and other news
[<prev] [day] [month] [year] [list]
Message-ID: <20230625191132.GA22787@openwall.com>
Date: Sun, 25 Jun 2023 21:11:32 +0200
From: Solar Designer <solar@...nwall.com>
To: announce@...ts.openwall.com, passwdqc-users@...ts.openwall.com
Subject: passwdqc 2.0.3

Hi,

This is to announce passwdqc 2.0.3, a new minor version of our
password/passphrase strength checking and enforcement tool set:

https://www.openwall.com/passwdqc/

Significant changes between 2.0.2 and 2.0.3:

Added Cygwin support (by Chad Dougherty).

Added pkg-config file (by Egor Ignatov).

Changed enforce=users to support "chpasswd" PAM service in addition to
traditionally supported "passwd" (by Dmitry V. Levin).

There are also several smaller changes by me and one by Fangrui Song.

Also available is a corresponding update of passwdqc for Windows,
version 2.0.3.0:

https://www.openwall.com/passwdqc/windows/

Consistently with Microsoft guidelines for password filters, passwdqc
for Windows now bypasses the password policy checks for the username
"krbtgt" and also for usernames starting with "krbtgt_" (KRBTGT accounts
for RODCs).  Passwords for these are randomly-generated by the system
and apparently tend to contain mostly or solely non-ASCII characters,
which for passwdqc would appear to be all in one category and thus could
result in passwdqc blocking a required automated krbtgt password reset.

I'd like to thank everyone who contributed to these releases, not only
directly, but also with issue reports.

Finally, the pre-generated leaked password filter files available under
paid subscription from Openwall have been updated (quite a while ago) to
include HIBP v8, encoding the 847+ million unique passwords (from
billions of accounts) in a 3.3 GiB (3.5 GB) file.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.