On Wed, 2015-01-28 at 16:05 -0700, Chris Murphy wrote:
On Wed, Jan 28, 2015 at 9:53 AM, Brian C. Lane <bcl(a)redhat.com>
wrote:
> I *know* this is going to be a bit of a pain to get used to. But
> the increased security is worth it. Super simple passwords will no
> longer be allowed, but it is still easy to come up with one that
> passes the checks. pwgen has lots of suggestions.
It's not worth it. It's a PITA. It's security theater. Windows, OS
X, Android, iOS - none of these require strong passwords, and the
last two don't even require passwords at all. The new password
requirement merely exposes the fact we're deficient in other areas
of system security, and we're masking that with this insulting baby
sitting nonsense.
Instead of coercion, it's more polite to call the user names
(stupid, idiot, moron, imbecile, etc) if they choose weak passwords.
Name calling is kinder, more convenient, and honest and capitulation
is optional. This password policy is complete utter bullcrap. This
doesn't happen on any other OS I use and it pisses me off that
Fedora is deciding to do this exactly wrong. It's really that
offensive.
Note that just last release, I managed to get g-i-s changed to allow
'weak' passwords with a warning, in order to be consistent with
anaconda and initial-setup...so now it'll have to get changed back
again.
https://bugzilla.gnome.org/show_bug.cgi?id=735578
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net