Summary of password strength discussion

Matthew Miller mattdm at
Thu Jul 23 21:53:40 UTC 2015

On Thu, Jul 23, 2015 at 01:34:10PM -0500, Michael Catanzaro wrote:
> > I didn't look at the code, but I was just playing with libpwquality
> > a little bit, and it appears that a number of basic checks, like
> > looking for palindromes, are actually disabled as part of disabling
> > dictionary checks. That may or may not be what you want. An
> > alternative to disabling dictionary checks would be to use a
> > smaller dictionary - still restricting password, 123456, qwerty,
> > and the like (I think it's reasonably argued that these would not
> > be "great" at keeping out a human typing on they keyboard)
> I think that's probably what we want.

That's a little ambiguous. I'm assuming you're saying that the limited
dictionary is what you want. I went ahead and filed
<>. (I think this'd
be useful in general for anyone who wants this sort of policy.)

Matthew Miller
<mattdm at>
Fedora Project Leader

More information about the desktop mailing list