Heads up - Anaconda 22.17 will enforce 'good' passwords

[Chris Murphy]

On Wed, Jan 28, 2015 at 9:53 AM, Brian C. Lane <bcl at redhat.com> wrote:

> I *know* this is going to be a bit of a pain to get used to. But the
> increased security is worth it. Super simple passwords will no longer be
> allowed, but it is still easy to come up with one that passes the
> checks. pwgen has lots of suggestions.

It's not worth it. It's a PITA. It's security theater. Windows, OS X,
Android, iOS - none of these require strong passwords, and the last
two don't even require passwords at all. The new password requirement
merely exposes the fact we're deficient in other areas of system
security, and we're masking that with this insulting baby sitting
nonsense.

Instead of coercion, it's more polite to call the user names (stupid,
idiot, moron, imbecile, etc) if they choose weak passwords. Name
calling is kinder, more convenient, and honest and capitulation is
optional. This password policy is complete utter bullcrap. This
doesn't happen on any other OS I use and it pisses me off that Fedora
is deciding to do this exactly wrong. It's really that offensive.


-- 
Chris Murphy