PWSCORE(1) General Commands Manual PWSCORE(1)

pwscore - simple configurable tool for checking quality of a password

pwscore [user]

pwscore is a simple tool for checking quality of a password. The password is read from stdin.

The tool uses the libpwquality library to perform configurable checks for minimum length, dictionary checking against cracklib dictionaries, and other checks.

It either reports an error if the password fails any of the checks, or it prints out the password quality score as an integer value between 0 and 100.

The password quality score is relative to the minlen setting in the configuration file. But in general values below 50 can be treated as moderate quality and above it fairly strong quality. Any password that passes the quality checks (especially the mandatory cracklib check) should withstand dictionary attacks and scores above 50 with the default minlen setting even fast brute force attacks.

The first and only optional argument is the user name that is used to check the similarity of the password to the username.

/etc/security/pwquality.conf - The configuration file for the libpwquality library.

pwscore returns 0 on success, non zero on error.

pwscore(1), pwquality.conf(5), pam_pwquality(8)

Tomas Mraz <tmraz@redhat.com>

2017-02-10 Red Hat, Inc.