Summary of password strength discussion

Richard Turner rjt at
Thu Jul 23 19:32:55 UTC 2015

On 23 Jul 2015 5:56 pm, "Michael Catanzaro" <mcatanzaro at> wrote:
> We should have some user interaction when enabling SSH in the Sharing
> panel to force the user to pick a much stronger password.

I enable SSH on my boxes at home just so that I can access them from, e.g.
my phone. They're on a closed network, so the security risk is minimal even
with a weak password (I use keys anyway). I'd not want to be forced to
change my password just because I've enabled SSH. Could we not just warn
users about their passwords and leave it up to them to do something about
it instead of enforcing a stronger policy?

"Racing turtles, the grapefruit is winning..."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the desktop mailing list