On Mon, September 3, 2007 08:37, Bas Zoetekouw wrote: > And what's the rationale to change the minimum length to 8? It won't > help security, as people who pick weak passwords now, will still pick weak, > but longer, passwords.
I agree with Bas here: I'm all for removing the Debian deviation from upstream, so please go ahead with that, but raising it further is not necessarily a useful thing to do. I can easily think of a 6-char password that is a lot more difficult to guess than an 8 char one. Thijs -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]