Check password complexity using Python & Linux
Managing security is a critical part of the job for any system administrator. Python makes this job easier, as this example illustrates. Using the PWD module this simple Python program will detect all users in the Linux distro, access the password database and check it. It checks userids and passwords for security policy compliance (in this case, that userids are at least six characters long and passwords are at least eight characters long).
<<< CODE >>>
import pwd
#initialize counters
erroruser = []
errorpass = []
#get password database
passwd_db = pwd.getpwall()
try:
#check each user and password for validity
for entry in passwd_db:
username = entry[0]
password = entry [1]
if len(username) < 6:
erroruser.append(username)
if len(password) < 8:
errorpass.append(username)
#print results to screen
print "The following users have an invalid userid (less than six characters):"
for item in erroruser:
print item
print "\nThe following users have invalid password(less than eight characters):"
for item in errorpass:
print item
except:
print "There was a problem running the script."
<<< /CODE >>>
To test a "weak" linux distro , I will save this file as passcheck.py and run in on a virtualized Ubuntu system. I will use the syntax "python passcheck.py" under the shell mode. And this will generate the following output.
As we can see , we get a great listed output that shows us how many users have smaller user ID that 6 characters, and smaller passwords that 8 characters.
This could prevent a serious security flaw in the system.
Fell free to comment.
No comments:
Post a Comment