create-cracklib-dict

create-cracklib-dict wordlist ... > pw_dict

wordlist ...
    One or more input files containing lists of words or passwords to include in the dictionary.

create-cracklib-dict is a utility from the CrackLib library used to build a compressed dictionary file for password strength checking. It processes one or more input wordlist files, sorts and deduplicates the words, applies phonetic transformations to catch variants, and outputs a single packed pw_dict file to stdout.

This dictionary enables efficient lookups for common weak passwords, dictionary words, and mangled variants in tools like pam_cracklib or passwd. The process involves creating an index, depth file, and prefix data all bundled into one file.

Usage typically involves redirecting output to a system-wide location like /lib/cracklib/pw_dict or /usr/lib/cracklib/pw_dict. It requires significant temporary disk space during processing, proportional to the input size.

Requires substantial temporary disk space (up to 10x input size); output must be redirected as it writes to stdout only; input files should be plain text, one word per line.

create-cracklib-dict /usr/share/dict/words /usr/share/dict/american-english > /lib/cracklib/pw_dict

Then run cracklib-check to verify.

Produces a single pw_dict file containing packed wordlist, index, offsets, and phonetic data for fast querying.

Developed by Alec Muffett in 1993 as part of Crack password cracker; evolved into standalone CrackLib library, widely used in Linux distros for PAM modules since late 1990s.

cracklib-check(1), cracklib-packer(8), cracklib-unpacker(8)