Security incident on Fedora infrastructure on 23 Jan 2011
Ricky Zhou
ricky at fedoraproject.org
Wed Jan 26 17:51:05 UTC 2011
On 2011-01-25 01:24:54 PM, Jose Manimala wrote:
> One question is should a password length and secure password creation
> check be enforced on the FAS system. Like regular expression checks
> and stuff. I know this is asking a lot, the current implementation
> allows me to have a simple password if I remember(need to check) been
> long. And password expiry? :)
Good point, password complexity checks are still listed as a TODO in
FAS (although we do have a minimum length of 8 implemented), looks like
we just never got to doing it. I've added a note about those in
https://fedorahosted.org/fedora-infrastructure/ticket/2574,
which we will discuss in the next infra meeting.
Thanks,
Ricky
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/infrastructure/attachments/20110126/defcfaa4/attachment.bin
More information about the infrastructure
mailing list