Password strength checking for Kerberos KDCs

 krb5-strength provides a password quality plugin for the MIT Kerberos KDC
 (specifically the kadmind server), an external password quality program
 for use with Heimdal, and a per-principal password history implementation
 for Heimdal. Passwords can be tested with CrackLib, checked against a
 CDB or SQLite database of known weak passwords with some transformations,
 checked for length, checked for non-printable or non-ASCII characters
 that may be difficult to enter reproducibly, required to contain
 particular character classes, or any combination of these tests.
 .
 No dictionary is shipped with this package. A CrackLib dictionary can be
 created with the tools in cracklib-runtime, a CDB or SQLite database can
 be created from a password list (obtained separately) using the tools
 included in this package, or both.
 .
 The recommended packages are needed to generate CDB or SQLite databases
 and for the password history implementation for Heimdal.