Summary of password strength discussion

Matthew Miller mattdm at
Fri Jul 24 16:27:42 UTC 2015

On Fri, Jul 24, 2015 at 09:40:53AM -0600, Chris Murphy wrote:
> > would it be reasonable to expect the sort of user that wants to use
> > SSH to be able to set that up?
> No. PKA is an esoteric skill, and you're confused by thinking it's a
> basic one.

We could set up two-factor authentication with FreeOTP.
Have the dialog provide a QR code for


and then also a token. Leave the users' password as six letters or
whatever, but also require this for SSH.

Still a little esoteric, but provisioning is easier, and people are
getting more used to it in general, hopefully. And as a bonus, this
jumps us up to level 3 identity assurance, I believe.

Matthew Miller
<mattdm at>
Fedora Project Leader

More information about the desktop mailing list