FWIW the security team said they were OK with this for the time being;
the problem is essentially that (a) very few utilities are available at
the point when we need to check this, e.g. not things like cracklib, (b)
in the graphical installer, UI constraints require that the password
strength be checked on the fly so it needs to be quick. Thus we ended up
with the current compromise.
** Package changed: debian-installer (Ubuntu) => user-setup (Ubuntu)
** Changed in: user-setup (Ubuntu)
Importance: Undecided => Wishlist
** Changed in: user-setup (Ubuntu)
Status: New => Triaged
--
Installer does not check if password is strong enough
https://bugs.launchpad.net/bugs/423775
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
