Is there a way I can stop users from using Leet Speak (4 instead of a, 7 instead of t, etc) in passwords?
Hey,
Leet Speak should be covered by the dictionary checks of our password checking library cracklib as documented here (in german): Q&A: Worauf wird beim Passwortqualitätscheck getestet?
EDIT: I think I misread your requirements. I don’t know what kind if ‘Leet Speak’ you have in mind: Do you want to stop users from using an old password again? Because I see no way to differentiate between ‘Leet Speak’ with the intend to obfuscate a word and a normal password with a 4.
One thing possible would be to prohibit these chars with the UCRV password/quality/forbidden/chars our you could add additional dictionaries to /usr/share/dict/, but apart from that I cannot see what you want to achieve.
Best regards
Jan-Luca