Summary of password strength discussion

Michael Catanzaro mcatanzaro at
Thu Jul 23 20:10:26 UTC 2015

On Thu, 2015-07-23 at 20:32 +0100, Richard Turner wrote:
> I enable SSH on my boxes at home just so that I can access them from, 
> e.g. my phone. They're on a closed network, so the security risk is 
> minimal even with a weak password (I use keys anyway). I'd not want 
> to be forced to change my password just because I've enabled SSH. 
> Could we not just warn users about their passwords and leave it up to 
> them to do something about it instead of enforcing a stronger policy?

The problem is that you are a very exceptional case, and in the general
case, if the user gets this wrong the box gets owned by bad guys. So I
think for your case, it would be best to not use the sharing panel.

More information about the desktop mailing list