On 02/12/2015 04:19 AM, Kamil Paral wrote:
On 02/05/2015 12:36 PM, Brian C. Lane wrote:
Next to impossible? Really? I've find it easy to come up with passwords
that work. We even report libpwquality's reason for any failures.
I tried it today with the images built for anaconda dnf test day [1]
> On 02/05/2015 12:36 PM, Brian C. Lane wrote:
> > Next to impossible? Really? I've find it easy to come up with passwords
> > that work. We even report libpwquality's reason for any failures.
I tried it today with the images built for anaconda dnf test day [1]. The
results are very much differen
A ticket has been opened with FESCo.
https://fedorahosted.org/fesco/ticket/1412
--
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6
--
test mailing list
test@lists.fedoraproject.org
To unsubscribe:
https://admin.f
Hi
On Wed, Jan 28, 2015 at 11:53 AM, Brian C. Lane wrote:
> This Friday's build of Anaconda will no longer allow you to use weak
> passwords and click done twice. In order to promote more secureish
> default systems I have increased the password length required to 8
> characters and removed allo
On Thu, Feb 05, 2015 at 03:03:50PM -0800, Rick Stevens wrote:
> I have to agree with Chris. I have absolutely no issue with the
> installer _warning_ me that the password I chose is (in the INSTALLER's
> opinion) weak. The installer should ABSOLUTELY NOT force me to use some
> arbitrarily obscure
On Thu, 2015-02-05 at 13:59 -0500, Felix Miata wrote:
> Brian C. Lane composed on 2015-02-05 09:36 (UTC-0800):
>
> > We should be
> > encouraging them to choose stronger passwords and we should
> > remember that we're not the only people running Fedora.
>
> BIG difference between encouraging, an
On 02/05/2015 01:27 PM, Scott Robbins wrote:
On Thu, Feb 05, 2015 at 12:53:45PM -0700, Chris Murphy wrote:
On Thu, Feb 5, 2015 at 10:36 AM, Brian C. Lane wrote:
Next to impossible? Really? I've find it easy to come up with passwords
that work.
You think this is easy. Other's don't. It's a c
up - Anaconda 22.17 will enforce 'good' passwords
On 02/05/2015 12:36 PM, Brian C. Lane wrote:
> Next to impossible? Really? I've find it easy to come up with passwords
> that work. We even report libpwquality's reason for any failures.
'my name is' (good)
On Thu, Feb 05, 2015 at 12:53:45PM -0700, Chris Murphy wrote:
> On Thu, Feb 5, 2015 at 10:36 AM, Brian C. Lane wrote:
>
> > Next to impossible? Really? I've find it easy to come up with passwords
> > that work.
>
> You think this is easy. Other's don't. It's a condescending,
> pointless, and unw
On Thu, Feb 5, 2015 at 10:36 AM, Brian C. Lane wrote:
> Next to impossible? Really? I've find it easy to come up with passwords
> that work.
You think this is easy. Other's don't. It's a condescending,
pointless, and unwinnable argument, and it needs to stop.
I tried anaconda 22.17. I failed to
Brian C. Lane composed on 2015-02-05 09:36 (UTC-0800):
> We should be
> encouraging them to choose stronger passwords and we should remember
> that we're not the only people running Fedora.
BIG difference between encouraging, and paternalistic forcing. Forcing is
what happens to slaves and prison
On Thu, Feb 05, 2015 at 10:47:44AM -0500, David Cantrell wrote:
> On Thu, Feb 05, 2015 at 09:53:30AM +0100, Matthias Clasen wrote:
> > On Mon, 2015-02-02 at 18:38 -0500, David Cantrell wrote:
> > > On Sun, Feb 01, 2015 at 09:53:05PM -0500, Matthias Clasen wrote:
> > > > On Fri, 2015-01-30 at 14:03
On Thu, Feb 05, 2015 at 09:53:30AM +0100, Matthias Clasen wrote:
> On Mon, 2015-02-02 at 18:38 -0500, David Cantrell wrote:
> > On Sun, Feb 01, 2015 at 09:53:05PM -0500, Matthias Clasen wrote:
> > > On Fri, 2015-01-30 at 14:03 -0800, Adam Williamson wrote:
> > >
> > > > I think the main point is t
On Thu, Feb 05, 2015 at 09:38:52AM +, Andre Robatino wrote:
> Matthias Clasen redhat.com> writes:
>
> > Let me ask now, then: can we make the change to reject 'weak' passwords
> > specific to only those products that enable sshd by default, please ?
>
> If the only concern is remote attacks,
Matthias Clasen redhat.com> writes:
> Let me ask now, then: can we make the change to reject 'weak' passwords
> specific to only those products that enable sshd by default, please ?
If the only concern is remote attacks, I'd like to see someone answer the
earlier question about whether Fedora ha
On Mon, 2015-02-02 at 18:38 -0500, David Cantrell wrote:
> On Sun, Feb 01, 2015 at 09:53:05PM -0500, Matthias Clasen wrote:
> > On Fri, 2015-01-30 at 14:03 -0800, Adam Williamson wrote:
> >
> > > I think the main point is the one nirik made; I don't think the devs
> > > agree with your assessment
On Sun, Feb 01, 2015 at 09:53:05PM -0500, Matthias Clasen wrote:
> On Fri, 2015-01-30 at 14:03 -0800, Adam Williamson wrote:
>
> > I think the main point is the one nirik made; I don't think the devs
> > agree with your assessment of how significant this is. It's a minor
> > inconvenience; you j
On Fri, 2015-01-30 at 14:03 -0800, Adam Williamson wrote:
> I think the main point is the one nirik made; I don't think the devs
> agree with your assessment of how significant this is. It's a minor
> inconvenience; you just have to come up with a password that passes
> the check, or use a kick
>we also have no data about the prevalence of weak passwords or attacks
>on default-configured Fedora systems
On my firewall system, /var/log/secure is larger than 300 megabytes
(less than one month of data), most of it reports of failed login
attempts to root. I am very careful about passwords o
On Sat, 2015-01-31 at 21:21 -0500, Richard Ryniker wrote:
> Recapitiulation:
>
> A security problem was recognized because the ssh daemon is enabled
> by default on Fedora systems: with a weak root password, a remote
> attacker might easily obtain unlimited access.
This is not quite correct; i
On Sat, Jan 31, 2015 at 09:21:45PM -0500, Richard Ryniker wrote:
> Recapitiulation:
>
> A security problem was recognized because the ssh daemon is enabled by
> default on Fedora systems: with a weak root password, a remote attacker
> might easily obtain unlimited access.
>
> The direct solution
Recapitiulation:
A security problem was recognized because the ssh daemon is enabled by
default on Fedora systems: with a weak root password, a remote attacker
might easily obtain unlimited access.
The direct solution would seem to be a change to the ssh daemon to
prohibit root login in its defa
On Fri, Jan 30, 2015 at 3:03 PM, Adam Williamson
wrote:
> On Fri, 2015-01-30 at 14:49 -0700, Chris Murphy wrote:
>>
>> I just don't see any consideration here except specious statements
>> like better security is always a plus. That was the summary extent
>> of the entire decision making process.
On Fri, 2015-01-30 at 14:49 -0700, Chris Murphy wrote:
>
> I just don't see any consideration here except specious statements
> like better security is always a plus. That was the summary extent
> of the entire decision making process.
Well, no, AFAICS there isn't anything like that. It was a f
On Fri, Jan 30, 2015 at 2:49 PM, Chris Murphy wrote:
> its
> devices without passwords are regularly used on public encrypted wifi
> and the world is not ending.
Oops, that should be non-encrypted.
--
Chris Murphy
--
test mailing list
test@lists.fedoraproject.org
To unsubscribe:
https://admin
On Fri, Jan 30, 2015 at 1:21 PM, Adam Williamson
wrote:
> On Fri, 2015-01-30 at 12:59 -0700, Chris Murphy wrote:
>> What's the actual, real world,
>> non-imaginary impetus behind the change?
>
> It's exactly what all the list posts I pointed you to say it is.
Please go find quotes because I just
On Fri, Jan 30, 2015 at 1:13 PM, Kevin Fenzi wrote:
> Just FYI, this will likely be my last post to this thread.
>
> On Fri, 30 Jan 2015 12:59:12 -0700
> Chris Murphy wrote:
>> User who want or need more secure passwords can always opt in without
>> affect anyone else. Why is the project's insta
On Fri, 2015-01-30 at 16:08 -0500, Scott Robbins wrote:
> On Fri, Jan 30, 2015 at 01:13:47PM -0700, Kevin Fenzi wrote:
> > Just FYI, this will likely be my last post to this thread.
> >
> > I think most people think it's not such a big deal and cannot see
> > why you are so stridently affected by
On Fri, 2015-01-30 at 13:13 -0700, Kevin Fenzi wrote:
> Because you cannot just say "This is some decision, I know whatever I
> do will have good and bad tradeoffs, therefore, I will just not decide
> and expose all the possible choices to the user". Thats just not
> tenable.
That is exactly wha
If you like your password you can keep it. Period.
Otherwise write it down as in "War Games"
--
Chuck Forsberg WA7KGX c...@omen.com www.omen.com
Developer of Industrial ZMODEM(Tm) for Embedded Applications
Omen Technology Inc "The High Reliability Software"
10255 NW Old
On Fri, Jan 30, 2015 at 12:54:22PM -0800, Rick Stevens wrote:
>
> If I wanted to be led by the nose, restricted in what I can do and
> nannied constantly, I'd use Windows or a freaking Mac. Sheesh!
Errm, no, they let you choose the password.
Heh, could be a new advertising slogan. YOU choose
On Friday, January 30, 2015 04:08:19 PM Scott Robbins wrote:
> On Fri, Jan 30, 2015 at 01:13:47PM -0700, Kevin Fenzi wrote:
> > Just FYI, this will likely be my last post to this thread.
> >
> > I think most people think it's not such a big deal and cannot see why
> > you are so stridently affecte
On Fri, Jan 30, 2015 at 01:13:47PM -0700, Kevin Fenzi wrote:
> Just FYI, this will likely be my last post to this thread.
>
> I think most people think it's not such a big deal and cannot see why
> you are so stridently affected by it.
With all due respect, I think that several others, includin
On 01/30/2015 12:21 PM, Adam Williamson wrote:
On Fri, 2015-01-30 at 12:59 -0700, Chris Murphy wrote:
What's the actual, real world,
non-imaginary impetus behind the change?
It's exactly what all the list posts I pointed you to say it is. I
don't know how to stop the conspiracy virus which cau
On Fri, 2015-01-30 at 12:59 -0700, Chris Murphy wrote:
> What's the actual, real world,
> non-imaginary impetus behind the change?
It's exactly what all the list posts I pointed you to say it is. I
don't know how to stop the conspiracy virus which causes people to
leap to the conclusion that the
Just FYI, this will likely be my last post to this thread.
On Fri, 30 Jan 2015 12:59:12 -0700
Chris Murphy wrote:
> ATMs have rate and retry limits, among other mechanisms, to permit a 4
> digit numeric PIN being adequately secure. Does Fedora have limits on
> rate and retries? If not, why not?
On Fri, 2015-01-30 at 08:05 -0600, Chris Adams wrote:
>
> This change was _announced_ here, not discussed (and some responses
> make it sound like it is not open to discussion). There was no real
> justification for the change in the announcement, except for a vague
> "better security" bit. T
On Fri, Jan 30, 2015 at 9:54 AM, Kevin Fenzi wrote:
> On Fri, 30 Jan 2015 22:11:12 +0530
> Sudhir Khanger wrote:
>
>> On Thursday, January 29, 2015 01:30:11 PM David Lehman wrote:
>> > Pick a single "strong" password that you can remember and use it
>> > for all of them. Pretty easy, really.
>>
>
On Friday, January 30, 2015 09:54:00 AM Kevin Fenzi wrote:
> IMHO, this isn't so big a deal. I'll have to change my throw away
> instance test password from 'abc123' to something like 'tacosyum99'
> Shrug.
I agree. It is surely not a big deal but the logic behind it is a little weak
and paternal
On Fri, 30 Jan 2015 22:11:12 +0530
Sudhir Khanger wrote:
> On Thursday, January 29, 2015 01:30:11 PM David Lehman wrote:
> > Pick a single "strong" password that you can remember and use it
> > for all of them. Pretty easy, really.
>
> It's not my memory but its my fingers. I will have to enter
On Thursday, January 29, 2015 01:30:11 PM David Lehman wrote:
> Pick a single "strong" password that you can remember and use it for all
> of them. Pretty easy, really.
It's not my memory but its my fingers. I will have to enter a long password
over and over again for no real reasons.
--
Regar
Once upon a time, Adam Williamson said:
> There's no policy (AFAIK) on what is and is not a Change. FESCo has
> the power to effectively declare something to be a Change (and thus
> subject to review and so forth) if it decides to do so, but there's
> nothing beyond that. And as I said to other
On Thu, 2015-01-29 at 23:36 -0500, Bob Lightfoot wrote:
>
> Have we considered what this will do when used with fedup if
> anything?
> Or will the F21 "weak" password be grandfathered in?
It's a change to the installer. It has nothing at all to do with fedup.
--
Adam Williamson
Fedora QA Co
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/29/2015 11:04 PM, Rejy M Cyriac wrote:
> On 01/30/2015 01:00 AM, David Lehman wrote:
>> On 01/29/2015 06:29 AM, Sudhir Khanger wrote:
>>> On Wednesday, January 28, 2015 08:53:42 AM Brian C. Lane
>>> wrote:
This Friday's build of Anaconda wil
On 01/30/2015 01:00 AM, David Lehman wrote:
> On 01/29/2015 06:29 AM, Sudhir Khanger wrote:
>> On Wednesday, January 28, 2015 08:53:42 AM Brian C. Lane wrote:
>>> This Friday's build of Anaconda will no longer allow you to use weak
>>> passwords and click done twice. In order to promote more secure
On Thu, Jan 29, 2015 at 7:23 PM, Adam Williamson
wrote:
> And as I said to otherChris, 'without open
> discussion' is just plainly false. There's a ton of 'open discussion',
> spread across three mailing lists.
That's confused. On devel@ the discussion was about the original
change feature. On an
Adam Williamson composed on 2015-01-29 18:23 (UTC-0800):
> You could also, of course, wait more than
> one lousy day to give the devs a chance to reply before whipping up a
> storm of righteous indignation, but so often that seems too much to
> ask?
I wonder if a point of Brian's OP was to ga
On Thu, 2015-01-29 at 19:55 -0600, Chris Adams wrote:
> Once upon a time, Adam Williamson said:
> > It's not actually something that is part of the Change's scope,
> > but an alternative way to try and achieve the same goal: the
> > overall thought process was "well, what the Change proposer rea
Once upon a time, Adam Williamson said:
> It's not actually something that is part of the Change's scope, but an
> alternative way to try and achieve the same goal: the overall thought
> process was "well, what the Change proposer really wants is to reduce
> the likelihood of compromise via pas
Chris Murphy colorremedies.com> writes:
> If this is really an improvement in security, which it isn't because
> an 8 character "good" password still has very low entropy, then it
It depends - if the only concern is remote access, and there is a limit on
the number of login attempts (either by n
On Thu, Jan 29, 2015 at 4:32 PM, Adam Williamson
wrote:
> On Thu, 2015-01-29 at 16:24 -0700, Chris Murphy wrote:
>>
>> > It's not actually something that is part of the Change's scope,
>> > but an alternative way to try and achieve the same goal: the
>> > overall thought process was "well, what th
On Thu, 2015-01-29 at 16:24 -0700, Chris Murphy wrote:
>
> > It's not actually something that is part of the Change's scope,
> > but an alternative way to try and achieve the same goal: the
> > overall thought process was "well, what the Change proposer really
> > wants is to reduce the likelih
On Thu, Jan 29, 2015 at 3:18 PM, Adam Williamson
wrote:
> On Thu, 2015-01-29 at 15:09 -0700, Chris Murphy wrote:
>> On Thu, Jan 29, 2015 at 2:23 PM, Adam Williamson <
>> adamw...@fedoraproject.org> wrote:
>> > Seriously. Stop this. I have already asked people to stop
>> > assigning negative motiva
On Thu, 2015-01-29 at 15:09 -0700, Chris Murphy wrote:
> On Thu, Jan 29, 2015 at 2:23 PM, Adam Williamson <
> adamw...@fedoraproject.org> wrote:
> > Seriously. Stop this. I have already asked people to stop
> > assigning negative motivations to others without due cause. This
> > is not being exce
On Thu, Jan 29, 2015 at 2:23 PM, Adam Williamson
wrote:
> Seriously. Stop this. I have already asked people to stop assigning
> negative motivations to others without due cause. This is not being
> excellent to each other.
"Your user password for your computer is arbitrarily unacceptable to
the F
On Thu, 2015-01-29 at 14:01 -0700, Chris Murphy wrote:
> On Wed, Jan 28, 2015 at 5:33 PM, Samuel Sieb wrote:
>
> > I just don't understand the reasoning here. Sure, make it very
> > clear that
> > the chosen password is weak. Make me jump through several hoops
> > before accepting the weak pa
On Wed, Jan 28, 2015 at 5:33 PM, Samuel Sieb wrote:
> I just don't understand the reasoning here. Sure, make it very clear that
> the chosen password is weak. Make me jump through several hoops before
> accepting the weak password. But it's my computer! Why can't I make the
> (informed) choic
On 01/29/2015 06:29 AM, Sudhir Khanger wrote:
On Wednesday, January 28, 2015 08:53:42 AM Brian C. Lane wrote:
This Friday's build of Anaconda will no longer allow you to use weak
passwords and click done twice. In order to promote more secureish
default systems I have increased the password leng
On 01/29/2015 06:30 PM, Scott Robbins wrote:
On Thu, Jan 29, 2015 at 01:37:39PM +0100, Jos Vos wrote:
On Thu, Jan 29, 2015 at 12:56:56AM +, Sérgio Basto wrote:
+1 , I'm against enforce 'good' passwords , it is pretty clear, double
click if you want have an insecure password and system .
On Thu, Jan 29, 2015 at 01:37:39PM +0100, Jos Vos wrote:
> On Thu, Jan 29, 2015 at 12:56:56AM +, Sérgio Basto wrote:
>
> > +1 , I'm against enforce 'good' passwords , it is pretty clear, double
> > click if you want have an insecure password and system .
>
> +1, enforcing will create lots of
On Thu, Jan 29, 2015 at 12:56:56AM +, Sérgio Basto wrote:
> +1 , I'm against enforce 'good' passwords , it is pretty clear, double
> click if you want have an insecure password and system .
+1, enforcing will create lots of frustrations for people often creating
internal test systems, etc.
On 01/29/2015 05:59 PM, Sudhir Khanger wrote:
On Wednesday, January 28, 2015 08:53:42 AM Brian C. Lane wrote:
This Friday's build of Anaconda will no longer allow you to use weak
passwords and click done twice. In order to promote more secureish
default systems I have increased the password len
On Wednesday, January 28, 2015 08:53:42 AM Brian C. Lane wrote:
> This Friday's build of Anaconda will no longer allow you to use weak
> passwords and click done twice. In order to promote more secureish
> default systems I have increased the password length required to 8
> characters and removed a
On Wed, Jan 28, 2015 at 04:05:55PM -0700, Chris Murphy wrote:
> On Wed, Jan 28, 2015 at 9:53 AM, Brian C. Lane wrote:
>
> > I *know* this is going to be a bit of a pain to get used to. But the
> > increased security is worth it. Super simple passwords will no longer be
> > allowed, but it is stil
On Wed, 2015-01-28 at 19:23 -0600, John Morris wrote:
> On Wed, 2015-01-28 at 19:33 -0500, Samuel Sieb wrote:
> > On 01/28/2015 06:54 PM, Adam Williamson wrote:
> > > It was done as a follow-up / alternative to this Change proposal:
> > >
> > > https://fedoraproject.org/wiki/Changes/SSHD_PermitRoo
On Wed, 2015-01-28 at 19:33 -0500, Samuel Sieb wrote:
> On 01/28/2015 06:54 PM, Adam Williamson wrote:
> > It was done as a follow-up / alternative to this Change proposal:
> >
> > https://fedoraproject.org/wiki/Changes/SSHD_PermitRootLogin_no
> >
> > a lot of the reaction to that was along the lin
On Wed, 2015-01-28 at 19:29 -0500, Samuel Sieb wrote:
> On 01/28/2015 06:54 PM, Adam Williamson wrote:
> > a lot of the reaction to that was along the lines of 'well, why
> > not just make sure the root password is secure', and that got
> > picked up by anaconda folks. You can follow the discussi
On Qua, 2015-01-28 at 16:05 -0700, Chris Murphy wrote:
> On Wed, Jan 28, 2015 at 9:53 AM, Brian C. Lane wrote:
>
> > I *know* this is going to be a bit of a pain to get used to. But the
> > increased security is worth it. Super simple passwords will no longer be
> > allowed, but it is still easy
On 01/28/2015 06:54 PM, Adam Williamson wrote:
It was done as a follow-up / alternative to this Change proposal:
https://fedoraproject.org/wiki/Changes/SSHD_PermitRootLogin_no
a lot of the reaction to that was along the lines of 'well, why not
just make sure the root password is secure', and th
On 01/28/2015 06:54 PM, Adam Williamson wrote:
a lot of the reaction to that was along the lines of 'well, why not
just make sure the root password is secure', and that got picked up by
anaconda folks. You can follow the discussion in the devel@ and
anaconda-devel-list archives.
Is it just the r
Chris Murphy composed on 2015-01-28 16:05 (UTC-0700):
> Brian C. Lane wrote:
>> I *know* this is going to be a bit of a pain to get used to. But the
Much more than just "a bit" on a maintainer of multi multiboot systems. If
this actually makes it in and stays through F22 release, it'll be yet an
On Thu, 2015-01-29 at 07:41 +0800, Ed Greshko wrote:
> On 01/29/15 00:53, Brian C. Lane wrote:
> > This Friday's build of Anaconda will no longer allow you to use
> > weak passwords and click done twice. In order to promote more
> > secureish default systems I have increased the password length
On Wed, Jan 28, 2015 at 4:17 PM, Adam Williamson
wrote:
> Note that just last release, I managed to get g-i-s changed to allow
> 'weak' passwords with a warning, in order to be consistent with
> anaconda and initial-setup...so now it'll have to get changed back
> again.
I thought of this. And I'm
On 01/29/15 00:53, Brian C. Lane wrote:
> This Friday's build of Anaconda will no longer allow you to use weak
> passwords and click done twice. In order to promote more secureish
> default systems I have increased the password length required to 8
> characters and removed allowing weak (as defined
On Wed, 2015-01-28 at 16:05 -0700, Chris Murphy wrote:
> On Wed, Jan 28, 2015 at 9:53 AM, Brian C. Lane
> wrote:
>
> > I *know* this is going to be a bit of a pain to get used to. But
> > the increased security is worth it. Super simple passwords will no
> > longer be allowed, but it is still
On 01/28/2015 05:20 PM, Andre Robatino wrote:
One could use the passwd command to change the password after the install
(assuming the passwd command won't require strong passwords as well). There
Only root can force passwd to allow weak passwords unless you change the
pam config files. You ca
On Wed, Jan 28, 2015 at 9:53 AM, Brian C. Lane wrote:
> I *know* this is going to be a bit of a pain to get used to. But the
> increased security is worth it. Super simple passwords will no longer be
> allowed, but it is still easy to come up with one that passes the
> checks. pwgen has lots of s
On Wed, Jan 28, 2015 at 22:20:54 +,
Andre Robatino wrote:
down, they could forget it after the install, and be locked out. I was also
wondering about ways to get around the password - for example if the disk
isn't encrypted, or there's no bootloader password. Wouldn't anaconda need
to enfor
drago01 gmail.com> writes:
> On Wed, Jan 28, 2015 at 5:53 PM, Brian C. Lane redhat.com> wrote:
>
> > I *know* this is going to be a bit of a pain to get used to. But the
> > increased security is worth it.
>
> Depends ... if you force user to choose a password that they can't
> possibly rememb
On Wed, Jan 28, 2015 at 5:53 PM, Brian C. Lane wrote:
> I *know* this is going to be a bit of a pain to get used to. But the
> increased security is worth it.
Depends ... if you force user to choose a password that they can't
possibly remember you increase the likelihood of them just writing it
>Super simple passwords will no longer be allowed... increased security is
>worth it.
No, you just made installation more bothersome - the user will then have
to set the passwords he wants after installation is complete. It is good
to warn about a weak password, but I feel I know better than you
On Wed, Jan 28, 2015 at 08:53:42 -0800,
"Brian C. Lane" wrote:
I *know* this is going to be a bit of a pain to get used to. But the
increased security is worth it. Super simple passwords will no longer be
allowed, but it is still easy to come up with one that passes the
checks. pwgen has lots
This Friday's build of Anaconda will no longer allow you to use weak
passwords and click done twice. In order to promote more secureish
default systems I have increased the password length required to 8
characters and removed allowing weak (as defined by libpwquality)
passwords.
I *know* this is g
83 matches
Mail list logo
