On Tuesday 12 July 2016 17:53:29 mwnx wrote: > > So, you're blaming a perfectly good (and reasonably secure) way of > > remote access, but somehow assume that weak passwords are ok. > > By that logic you should not stop there. Why not blame any remote access > > mechanism that uses PAM for password checking as well? > > There are many kinds of systems on which weak passwords are OK. For > instance, a home PC has no need whatsoever for a strong password. If > someone breaks into my home, they have access to my data anyway; and > the password is for local use only. If some malware gets into my > computer, it can get the root password through keylogging. > > Note: this weak password can still be useful to protect my privacy > from guests.
Then it is up to you to reconfigure anything that this attitude leaves insecure that you want secure. (Why? The break in scenario still applies.) Lisi
