http://savannah.gnu.org/support/?108600 ... The password I was choosing should be plenty strong for this.
I admit I have some sympathy with the view that our password requirements are too stringent. How about requiring only two classes for eight-char passwords instead of three? Sure, it is weaker, but there's a tradeoff between pain for users (high) and likelihood of a bad guy ever getting the encrypted passwords (low). Besides, if a bad guy does get the encrypted pws, that probably means they have root on savannah and our problems are a lot worse than 2-class vs. 3-class passwords. karl
