> So, you're blaming a perfectly good (and reasonably secure) way of > remote access, but somehow assume that weak passwords are ok. > By that logic you should not stop there. Why not blame any remote access > mechanism that uses PAM for password checking as well?
There are many kinds of systems on which weak passwords are OK. For instance, a home PC has no need whatsoever for a strong password. If someone breaks into my home, they have access to my data anyway; and the password is for local use only. If some malware gets into my computer, it can get the root password through keylogging. Note: this weak password can still be useful to protect my privacy from guests. -- mwnx GPG: AEC9 554B 07BD F60D 75A3 AF6A 44E8 E4D4 0312 C726
