In order to promote a more secure default installation increase the password length needed for root and user passwords in the GUI. --- pyanaconda/constants.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pyanaconda/constants.py b/pyanaconda/constants.py
index 1aa7f9d..0bd23d3 100644
--- a/pyanaconda/constants.py
+++ b/pyanaconda/constants.py
@@ -134,7 +134,7 @@ FIRSTBOOT_ENVIRON = "firstboot"
 UNSUPPORTED_HW = 1 << 28
 # Password validation
-PASSWORD_MIN_LEN = 6
+PASSWORD_MIN_LEN = 8
 PASSWORD_EMPTY_ERROR = N_("The password is empty.")
 PASSWORD_CONFIRM_ERROR_GUI = N_("The passwords do not match.")
 PASSWORD_CONFIRM_ERROR_TUI = N_("The passwords you entered were different. Please try again.")
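Review bot: `PASSWORD_MIN_LEN` is defined in the shared `pyanaconda/constants.py`, beside both `_GUI` and `_TUI` message constants, so raising it to 8 affects every importer of the name and not only the GUI spokes the commit message mentions; which callers read it is not visible in this hunk. The constant also carries no comment saying what enforces it. A short comment above it would make the policy auditable, for example `# Minimum accepted length for root and user passwords, for every caller that imports this constant`.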
Remove the double done click for weak passwords. Root passwords must meet pwquality's minimum requirements in order to be used. --- pyanaconda/ui/gui/spokes/password.py | 27 +++++++-------------------- 1 file changed, 7 insertions(+), 20 deletions(-)
diff --git a/pyanaconda/ui/gui/spokes/password.py b/pyanaconda/ui/gui/spokes/password.py
index 186e802..a7a65fb 100644
--- a/pyanaconda/ui/gui/spokes/password.py
+++ b/pyanaconda/ui/gui/spokes/password.py
@@ -32,7 +32,7 @@ from pyanaconda.ui.helpers import InputCheck
 from pyanaconda.constants import PASSWORD_EMPTY_ERROR, PASSWORD_CONFIRM_ERROR_GUI,\
 PASSWORD_STRENGTH_DESC, PASSWORD_WEAK, PASSWORD_WEAK_WITH_ERROR,\
- PASSWORD_WEAK_CONFIRM, PASSWORD_WEAK_CONFIRM_WITH_ERROR, PW_ASCII_CHARS, PASSWORD_ASCII
+ PW_ASCII_CHARS, PASSWORD_ASCII
__all__ = ["PasswordSpoke"]
@@ -86,7 +86,6 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler)
 self.add_check(self.confirm, self._checkPasswordEmpty)
 # Counters for checks that ask the user to click Done to confirm
- self._waiveStrengthClicks = 0
 self._waiveASCIIClicks = 0
 # Password validation data
@@ -209,7 +208,6 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler)
 pwtext = self.pw.get_text()
 # Reset the counters used for the "press Done twice" logic
- self._waiveStrengthClicks = 0
 self._waiveASCIIClicks = 0
 self._pwq_valid, strength, self._pwq_error = validatePassword(pwtext, "root")
@@ -250,18 +248,10 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler)
 if pwstrength < 2:
 # If Done has been clicked twice, waive the check
- if self._waiveStrengthClicks > 1:
- return InputCheck.CHECK_OK
- elif self._waiveStrengthClicks == 1:
- if self._pwq_error:
- return _(PASSWORD_WEAK_CONFIRM_WITH_ERROR) % self._pwq_error
- else:
- return _(PASSWORD_WEAK_CONFIRM)
+ if self._pwq_error:
+ return _(PASSWORD_WEAK_WITH_ERROR) % self._pwq_error
 else:
- if self._pwq_error:
- return _(PASSWORD_WEAK_WITH_ERROR) % self._pwq_error
- else:
- return _(PASSWORD_WEAK)
+ return _(PASSWORD_WEAK)
 else:
 return InputCheck.CHECK_OK
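Review bot: The context line `# If Done has been clicked twice, waive the check` survives directly under `if pwstrength < 2:`, but the branch it described is deleted, so the comment now states the opposite of what the code does. The matching hunk in `pyanaconda/ui/gui/spokes/user.py` removes this comment, which suggests it was missed here. Replace it with something like `# A weak password is rejected; this check can no longer be waived by clicking Done twice`. The enclosing method starts above this hunk, so where `pwstrength` comes from is not visible here.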
@@ -283,13 +273,10 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler)
 return InputCheck.CHECK_OK
 def on_back_clicked(self, button):
- # If the failed check is for password strenght or non-ASCII
- # characters, add a click to the counter and check again
+ # If the failed check is for non-ASCII characters,
+ # add a click to the counter and check again
 failed_check = next(self.failed_checks_with_message, None)
- if failed_check == self._pwStrengthCheck:
- self._waiveStrengthClicks += 1
- self._pwStrengthCheck.update_check_status()
- elif failed_check == self._pwASCIICheck:
+ if failed_check == self._pwASCIICheck:
 self._waiveASCIIClicks += 1
 self._pwASCIICheck.update_check_status()
Remove the double done click for weak passwords. User passwords must meet pwquality's minimum requirements in order to be used. --- pyanaconda/ui/gui/spokes/user.py | 34 ++++++++-------------------------- 1 file changed, 8 insertions(+), 26 deletions(-)
diff --git a/pyanaconda/ui/gui/spokes/user.py b/pyanaconda/ui/gui/spokes/user.py
index c3a45ca..08f1e60 100644
--- a/pyanaconda/ui/gui/spokes/user.py
+++ b/pyanaconda/ui/gui/spokes/user.py
@@ -36,8 +36,8 @@ from pyanaconda.ui.gui.helpers import GUISpokeInputCheckHandler, GUIDialogInputC
 from pykickstart.constants import FIRSTBOOT_RECONFIG
 from pyanaconda.constants import ANACONDA_ENVIRON, FIRSTBOOT_ENVIRON,\
 PASSWORD_EMPTY_ERROR, PASSWORD_CONFIRM_ERROR_GUI, PASSWORD_STRENGTH_DESC,\
- PASSWORD_WEAK, PASSWORD_WEAK_WITH_ERROR, PASSWORD_WEAK_CONFIRM,\
- PASSWORD_WEAK_CONFIRM_WITH_ERROR, PW_ASCII_CHARS, PASSWORD_ASCII
+ PASSWORD_WEAK, PASSWORD_WEAK_WITH_ERROR,\
+ PW_ASCII_CHARS, PASSWORD_ASCII
 from pyanaconda.regexes import GECOS_VALID, USERNAME_VALID, GROUPNAME_VALID, GROUPLIST_FANCY_PARSE
 __all__ = ["UserSpoke", "AdvancedUserDialog"]
@@ -255,7 +255,6 @@ class UserSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler):
 self.b_advanced = self.builder.get_object("b_advanced")
 # Counters for checks that ask the user to click Done to confirm
- self._waiveStrengthClicks = 0
 self._waiveASCIIClicks = 0
 self.guesser = {
@@ -426,7 +425,6 @@ class UserSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler):
 username = self.username.get_text()
 # Reset the counters used for the "press Done twice" logic
- self._waiveStrengthClicks = 0
 self._waiveASCIIClicks = 0
self._pwq_valid, strength, self._pwq_error = validatePassword(pwtext, username) @@ -541,10 +539,6 @@ class UserSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler): The password strength has already been checked in _updatePwQuality, called previously in the signal chain. This method converts the data set from there into an error message. - - The password strength check can be waived by pressing "Done" twice. This - is controlled through the self._waiveStrengthClicks counter. The counter - is set in on_back_clicked, which also re-runs this check manually. """
 # Skip the check if no password is required
@@ -559,19 +553,10 @@ class UserSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler):
 pwstrength = self.pw_bar.get_value()
 if pwstrength < 2:
- # If Done has been clicked twice, waive the check
- if self._waiveStrengthClicks > 1:
- return InputCheck.CHECK_OK
- elif self._waiveStrengthClicks == 1:
- if self._pwq_error:
- return _(PASSWORD_WEAK_CONFIRM_WITH_ERROR) % self._pwq_error
- else:
- return _(PASSWORD_WEAK_CONFIRM)
+ if self._pwq_error:
+ return _(PASSWORD_WEAK_WITH_ERROR) % self._pwq_error
 else:
- if self._pwq_error:
- return _(PASSWORD_WEAK_WITH_ERROR) % self._pwq_error
- else:
- return _(PASSWORD_WEAK)
+ return _(PASSWORD_WEAK)
 else:
 return InputCheck.CHECK_OK
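Review bot: The strength gate, now the only thing standing between a weak password and acceptance, tests `pwstrength`, which is read from the strength-bar widget via `self.pw_bar.get_value()`, rather than the `self._pwq_valid` flag that `validatePassword` returns earlier in this file. The commit message promises that passwords must meet pwquality's minimum requirements, so the condition should not depend on how the bar happens to be scaled; the mapping from pwquality's result to the bar value is outside this hunk, so this may already be equivalent. If it is not, `if not self._pwq_valid or pwstrength < 2:` would state the policy directly, and the same applies to the root-password check in `pyanaconda/ui/gui/spokes/password.py`. The method's opening lines are outside the hunk.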
@@ -613,13 +598,10 @@ class UserSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler):
 self.admin.set_active(self._wheel.name in self._user.groups)
 def on_back_clicked(self, button):
- # If the failed check is for password strength or non-ASCII
- # characters, add a click to the counter and check again
+ # If the failed check is for non-ASCII characters,
+ # add a click to the counter and check again
 failed_check = next(self.failed_checks_with_message, None)
- if failed_check == self._pwStrengthCheck:
- self._waiveStrengthClicks += 1
- self._pwStrengthCheck.update_check_status()
- elif failed_check == self._pwASCIICheck:
+ if failed_check == self._pwASCIICheck:
 self._waiveASCIIClicks += 1
 self._pwASCIICheck.update_check_status()
No longer used. --- pyanaconda/constants.py | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/pyanaconda/constants.py b/pyanaconda/constants.py
index 0bd23d3..46e00f2 100644
--- a/pyanaconda/constants.py
+++ b/pyanaconda/constants.py
@@ -138,10 +138,8 @@ PASSWORD_MIN_LEN = 8
 PASSWORD_EMPTY_ERROR = N_("The password is empty.")
 PASSWORD_CONFIRM_ERROR_GUI = N_("The passwords do not match.")
 PASSWORD_CONFIRM_ERROR_TUI = N_("The passwords you entered were different. Please try again.")
-PASSWORD_WEAK = N_("The password you have provided is weak. You will have to press Done twice to confirm it.")
-PASSWORD_WEAK_WITH_ERROR = N_("The password you have provided is weak: %s. You will have to press Done twice to confirm it.")
-PASSWORD_WEAK_CONFIRM = N_("You have provided a weak password. Press Done again to use anyway.")
-PASSWORD_WEAK_CONFIRM_WITH_ERROR = N_("You have provided a weak password: %s. Press Done again to use anyway.")
+PASSWORD_WEAK = N_("The password you have provided is weak.")
+PASSWORD_WEAK_WITH_ERROR = N_("The password you have provided is weak: %s.")
 PASSWORD_ASCII = N_("The password you have provided contains non-ASCII characters. You may not be able to switch between keyboard layouts to login. Press Done to continue.")
PASSWORD_STRENGTH_DESC = [N_("Empty"), N_("Weak"), N_("Fair"), N_("Good"), N_("Strong")]
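Review bot: With the waiver gone these two strings are shown for a blocking error, yet `PASSWORD_WEAK` and `PASSWORD_WEAK_WITH_ERROR` now only say the password is weak and do not tell the user that it was rejected or what to do next. Wording such as `PASSWORD_WEAK = N_("The password you have provided is weak. Please choose a stronger password.")` would make the outcome clear. Separately, `PASSWORD_WEAK_CONFIRM` and `PASSWORD_WEAK_CONFIRM_WITH_ERROR` are deleted outright; the earlier patches drop them from the two GUI spokes, but any other importer not shown here would fail at import time, so a tree-wide search for both names is worth doing before this lands.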
On 01/26/2015 07:33 PM, Brian C. Lane wrote:
In order to promote a more secure default installation increse the password length needed for root and user passwords in the GUI.
pyanaconda/constants.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pyanaconda/constants.py b/pyanaconda/constants.py
index 1aa7f9d..0bd23d3 100644
--- a/pyanaconda/constants.py
+++ b/pyanaconda/constants.py
@@ -134,7 +134,7 @@ FIRSTBOOT_ENVIRON = "firstboot"
 UNSUPPORTED_HW = 1 << 28
 # Password validation
-PASSWORD_MIN_LEN = 6
+PASSWORD_MIN_LEN = 8
 PASSWORD_EMPTY_ERROR = N_("The password is empty.")
 PASSWORD_CONFIRM_ERROR_GUI = N_("The passwords do not match.")
 PASSWORD_CONFIRM_ERROR_TUI = N_("The passwords you entered were different. Please try again.")
I like these a lot. ACK.
On 01/26/2015 08:33 PM, Brian C. Lane wrote:
Remove the double done click for weak passwords. Root passwords must meet pwquality's minimum requirements in order to be used.
pyanaconda/ui/gui/spokes/password.py | 27 +++++++-------------------- 1 file changed, 7 insertions(+), 20 deletions(-)
I'm not fond of removing the option for weak passwords entirely. We can make the warning louder maybe, but if we remove any option to waive it are we really helping users or just annoying them?
On Mon, Jan 26, 2015 at 05:33:25PM -0800, Brian C. Lane wrote:
Remove the double done click for weak passwords. Root passwords must meet pwquality's minimum requirements in order to be used.
Should this behavior also be mirrored in text mode? I think the YesNoDialog could probably just be removed from EditTUIDialog and that should probably be ok.
pyanaconda/ui/gui/spokes/password.py | 27 +++++++-------------------- 1 file changed, 7 insertions(+), 20 deletions(-)
diff --git a/pyanaconda/ui/gui/spokes/password.py b/pyanaconda/ui/gui/spokes/password.py index 186e802..a7a65fb 100644 --- a/pyanaconda/ui/gui/spokes/password.py +++ b/pyanaconda/ui/gui/spokes/password.py @@ -32,7 +32,7 @@ from pyanaconda.ui.helpers import InputCheck
from pyanaconda.constants import PASSWORD_EMPTY_ERROR, PASSWORD_CONFIRM_ERROR_GUI,\ PASSWORD_STRENGTH_DESC, PASSWORD_WEAK, PASSWORD_WEAK_WITH_ERROR,\
PASSWORD_WEAK_CONFIRM, PASSWORD_WEAK_CONFIRM_WITH_ERROR, PW_ASCII_CHARS, PASSWORD_ASCII
PW_ASCII_CHARS, PASSWORD_ASCII__all__ = ["PasswordSpoke"]
@@ -86,7 +86,6 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler) self.add_check(self.confirm, self._checkPasswordEmpty)
# Counters for checks that ask the user to click Done to confirm
self._waiveStrengthClicks = 0 self._waiveASCIIClicks = 0 # Password validation data@@ -209,7 +208,6 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler) pwtext = self.pw.get_text()
# Reset the counters used for the "press Done twice" logic
self._waiveStrengthClicks = 0 self._waiveASCIIClicks = 0 self._pwq_valid, strength, self._pwq_error = validatePassword(pwtext, "root")@@ -250,18 +248,10 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler)
if pwstrength < 2: # If Done has been clicked twice, waive the check
if self._waiveStrengthClicks > 1:return InputCheck.CHECK_OKelif self._waiveStrengthClicks == 1:if self._pwq_error:return _(PASSWORD_WEAK_CONFIRM_WITH_ERROR) % self._pwq_errorelse:return _(PASSWORD_WEAK_CONFIRM)
if self._pwq_error:return _(PASSWORD_WEAK_WITH_ERROR) % self._pwq_error else:
if self._pwq_error:return _(PASSWORD_WEAK_WITH_ERROR) % self._pwq_errorelse:return _(PASSWORD_WEAK)
return _(PASSWORD_WEAK) else: return InputCheck.CHECK_OK@@ -283,13 +273,10 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler) return InputCheck.CHECK_OK
def on_back_clicked(self, button):
# If the failed check is for password strenght or non-ASCII# characters, add a click to the counter and check again
# If the failed check is for non-ASCII characters,# add a click to the counter and check again failed_check = next(self.failed_checks_with_message, None)
if failed_check == self._pwStrengthCheck:self._waiveStrengthClicks += 1self._pwStrengthCheck.update_check_status()elif failed_check == self._pwASCIICheck:
if failed_check == self._pwASCIICheck: self._waiveASCIIClicks += 1 self._pwASCIICheck.update_check_status()-- 1.9.3
On Tue, Jan 27, 2015 at 12:57:30PM -0500, David Shea wrote:
On 01/26/2015 08:33 PM, Brian C. Lane wrote:
Remove the double done click for weak passwords. Root passwords must meet pwquality's minimum requirements in order to be used.
pyanaconda/ui/gui/spokes/password.py | 27 +++++++-------------------- 1 file changed, 7 insertions(+), 20 deletions(-)
I'm not fond of removing the option for weak passwords entirely. We can make the warning louder maybe, but if we remove any option to waive it are we really helping users or just annoying them?
I used to agree. But it really isn't hard to come up with a password that passes the checks and is easy to remember. e.g. 1q0o2w9i3e8u (a keyboard pattern)
The people who are most affected by this are us, and testers. But the goal is more secure installations, not to not annoy ourselves :)
On Tue, Jan 27, 2015 at 01:02:52PM -0500, Samantha N. Bueno wrote:
On Mon, Jan 26, 2015 at 05:33:25PM -0800, Brian C. Lane wrote:
Remove the double done click for weak passwords. Root passwords must meet pwquality's minimum requirements in order to be used.
Should this behavior also be mirrored in text mode? I think the YesNoDialog could probably just be removed from EditTUIDialog and that should probably be ok.
Yeah, I need to look over the TUI password code more closely, it looks like it isn't using pwquality at all right now?
On Tue, Jan 27, 2015 at 10:25:10AM -0800, Brian C. Lane wrote:
On Tue, Jan 27, 2015 at 01:02:52PM -0500, Samantha N. Bueno wrote:
On Mon, Jan 26, 2015 at 05:33:25PM -0800, Brian C. Lane wrote:
Remove the double done click for weak passwords. Root passwords must meet pwquality's minimum requirements in order to be used.
Should this behavior also be mirrored in text mode? I think the YesNoDialog could probably just be removed from EditTUIDialog and that should probably be ok.
Yeah, I need to look over the TUI password code more closely, it looks like it isn't using pwquality at all right now?
Hmm, well, it is using validatePassword like the GUI. It's just more stripped down since it's not showing password strength.
Samantha