Summary of password strength discussion

Matthew Miller mattdm at
Fri Jul 24 18:52:58 UTC 2015

On Fri, Jul 24, 2015 at 12:42:51PM -0600, Chris Murphy wrote:
> OK so you're suggesting this only get provisioned with MFA if the user
> enables SSH in the GNOME GUI? If it's enabled via systemctl then it's
> just password only, and no MFA? Because if MFA is required then there

Right, unless you configure multi-factor by hand. My specific concer is
that there's a relatively easy to access switch which opens up the
system to more exposure than may be immediately obvious. I think the
idea of forcing a password change when this switch is toggled has some
problems. Maybe adding some more explanatory text to the dialog for
enabling "Remote login" could help, but I'm skeptical about that too;
hence this suggestion.

Matthew Miller
<mattdm at>
Fedora Project Leader

More information about the desktop mailing list