there is no "hard coding" it checks if the username and password are identical ... in teh beginning of working on developer mode this helped to force people to update their password and make sure dev-mode was properly enabled (we used to set the password to match teh username in former installs)
indeed this code needs to go ... password secuity needs to be managed while the password is being set anyway ** Changed in: android-tools (Ubuntu) Status: New => Confirmed ** Changed in: android-tools (Ubuntu) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to android-tools in Ubuntu. https://bugs.launchpad.net/bugs/1371048 Title: phone believed to enforce undocumented password policy Status in “android-tools” package in Ubuntu: Confirmed Bug description: Per conversation on IRC with ogra. The phone will reject passwords which match the username. Fine and dandy, but isn't password security the responsibilty of other entities and code. Rejecting just this insecure password, hard-coded, seems a bit odd. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/android-tools/+bug/1371048/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp