Heads up - Anaconda 22.17 will enforce 'good' passwords

Thu Jan 29 00:06:38 UTC 2015

Chris Murphy composed on 2015-01-28 16:05 (UTC-0700):

> Brian C. Lane wrote:

>> I *know* this is going to be a bit of a pain to get used to. But the

Much more than just "a bit" on a maintainer of multi multiboot systems. If
this actually makes it in and stays through F22 release, it'll be yet another
reason not to test future Anacondas (it still steams me that target / *must*
be formatted by Anaconda), and yet another reason to upgrade an existing
instead of installing fresh.

>> increased security is worth it. Super simple passwords will no longer be
>> allowed, but it is still easy to come up with one that passes the
>> checks.

Not so easy for one that is easy enough to both remember and type repeatedly
while testing.

> pwgen has lots of suggestions.

> It's not worth it. It's a PITA. It's security theater. Windows, OS X,
> Android, iOS - none of these require strong passwords, and the last
> two don't even require passwords at all. The new password requirement
> merely exposes the fact we're deficient in other areas of system
> security, and we're masking that with this insulting baby sitting
> nonsense.

+ + + + +

> Instead of coercion, it's more polite to call the user names (stupid,
> idiot, moron, imbecile, etc) if they choose weak passwords. Name
> calling is kinder, more convenient, and honest and capitulation is
> optional. This password policy is complete utter bullcrap. This
> doesn't happen on any other OS I use and it pisses me off that Fedora
> is deciding to do this exactly wrong. It's really that offensive.

+ + + + +
-- 
"The wise are known for their understanding, and pleasant
words are persuasive." Proverbs 16:21 (New Living Translation)

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata  ***  http://fm.no-ip.com/