FESCO request to revert password confirmation change in F22

Matěj Cepl mcepl at cepl.eu
Tue Mar 10 11:00:50 UTC 2015

On 2015-03-10, 10:15 GMT, Björn Persson wrote:
>> The user surely knows better what a good password is than the 
>> software does. If the user picks a crappy password, there's probably a good 
>> reason.
> There are two possible reasons why you would say that. Either you
> haven't even looked at the Ars Technica articles that have been
> discussed in this thread, or else you believe that a majority of users
> of all sorts of web services think it's all right if all the spies and
> script kiddies in the world have full access to their accounts.

I think certainly there should be some protection against 
passwords like "monkey" (why monkey and not kangaroo, for 
example?) or "iloveyou" (as the Pope Francis said our message 
should be based on love not hate!), but when it tries to do too 
much more it is getting in the way even to the people who 
actually know what they are talking about. VM machine used only 
for temporary compilation on the old platform just doesn't have 
to have 63-random-chars password from 


More information about the devel mailing list