Announcing "ANLpasswd" (formally perl-passwd2). While other programs check for bad passwords after the fact, it is important to have good passwords at all times, not just after the latest Crack run. To this end we have modified Larry Wall's Perl password program and added; "ypsmarts", so that it does the intelligent thing in an NIS environment, it allows for gecos changes, and also checks a sorted list of all the "bad passwords". The list of bad passwords are ALL the words that Crack will generate, given all the dictionaries that we could get our hands on (107 MB of unique words, so far). The combination of improvements has turned publicly available code into a powerful tool that can aid sites in the maintenance of local security. We have presented this code at SURF 92 and SUG 92. It has also been referenced in _Unix Review_. We have been using it for a year now and haven't had any major problems. I know that a couple other sites are also using it. It currently runs on: Sun, IBM, NeXT, SGI, Intel iPSC860, Alliant, Encore, BBN TC200, Solbourne, Sequent. Also if you enter a reasonable email address to our not-so-anonymous ftp server, we will notify you of any updates. It can be anonymous ftp'd from: info.mcs.anl.gov You'll find the whole package in: /pub/systems/anlpasswd-2.3.tar.gz If you find it useful, please let us know. Also please let us know of any improvements you may add.