On Fri, Sep 06, 2013 at 11:30:30AM -0600, Stephen John Smoogen wrote:
I am all for 16+ character passwords, but what you get is
qazwsxedcrfvtgb
versus injureCarpRoast. And then you get a TON of backlash on how hard it
is to create a 16 character password that they can remember. Doing our
weaker Fedora password rules of 9->12] was enough for me to realize that
the amount of pushback one gets from even 'security minded' people. My
first question would be is the 8MB worth the pain of that OR would a better
solution for ultra-small installations is a kickstart %post scriptlet which
does the config that is needed to not have a cracklib installed (because
any ultrasmall installation is going to need a lot of scriptlets).
What I was thinking was a 16-character configuration if the cracklib dict
isn't installed or is small, and the current 8-character configuration
otherwise. Maybe this is silly.
--
Matthew Miller mattdm(a)mattdm.org <
http://mattdm.org/>