Quote:
Originally Posted by
incredible
In Solaris, you can't do that, even if you try, might be with least success for the forth coming issues that you might come across or face.
Here is what I would do (based on the assumption that accounts won't be locked on first failed attempt) and is essentially the same method as Stevie used, but will work even in the event that the passwd command cannot be used.
1. Inform the users that you are going to perform a security audit of passwords.
2. Run a script that runs a login against each user attempting to use the username as a password, the result speaks for itself.
You will sacrifice a login attempt for each user, but you will have informed them all of this.
As for me, I have a security policy which requires that tools like
JTR are used to identify weak passwords, so I don't do specific checks like this manually.