Heads up - Anaconda 22.17 will enforce 'good' passwords
Adam Williamson
adamwill at fedoraproject.org
Wed Jan 28 23:54:06 UTC 2015
On Thu, 2015-01-29 at 07:41 +0800, Ed Greshko wrote:
> On 01/29/15 00:53, Brian C. Lane wrote:
> > This Friday's build of Anaconda will no longer allow you to use
> > weak passwords and click done twice. In order to promote more
> > secureish default systems I have increased the password length
> > required to 8 characters and removed allowing weak (as defined by
> > libpwquality) passwords.
> >
> > I *know* this is going to be a bit of a pain to get used to. But
> > the increased security is worth it. Super simple passwords will no
> > longer be allowed, but it is still easy to come up with one that
> > passes the checks. pwgen has lots of suggestions.
> >
> > And on the bright side, you don't have to click done twice anymore
> > :)
> >
>
> You use the pronoun "I" in your message. Can we, the community,
> know if it was a unilateral decision or if it was discussed with
> others? If it was discussed with others is there a record of the
> discussion so we can know the arguments presented?
It was done as a follow-up / alternative to this Change proposal:
https://fedoraproject.org/wiki/Changes/SSHD_PermitRootLogin_no
a lot of the reaction to that was along the lines of 'well, why not
just make sure the root password is secure', and that got picked up by
anaconda folks. You can follow the discussion in the devel@ and
anaconda-devel-list archives.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net
More information about the test
mailing list