diff --git a/contrib/passwordcheck/passwordcheck.c b/contrib/passwordcheck/passwordcheck.c
index d5f9d14b010..70f056232fe 100644
--- a/contrib/passwordcheck/passwordcheck.c
+++ b/contrib/passwordcheck/passwordcheck.c
@@ -91,6 +91,9 @@ check_password(const char *username,
 		int			i;
 		bool		pwd_has_letter,
 					pwd_has_nonletter;
+#ifdef USE_CRACKLIB
+		const char *reason;
+#endif
 
 		/* enforce minimum length */
 		if (pwdlen < MIN_PWD_LENGTH)
@@ -125,10 +128,11 @@ check_password(const char *username,
 
 #ifdef USE_CRACKLIB
 		/* call cracklib to check password */
-		if (FascistCheck(password, CRACKLIB_DICTPATH))
+		if ((reason = FascistCheck(password, CRACKLIB_DICTPATH)))
 			ereport(ERROR,
 					(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
-					 errmsg("password is easily cracked")));
+					 errmsg("password is easily cracked"),
+					 errdetail_log("cracklib diagnostic: %s", reason)));
 #endif
 	}