Jeff Bastian wrote:
On Mon, 17 Dec 2007, Jeremy Katz wrote:
The problem is that it's really hard to give good guidance on a
"minimally-strong" password. And doing a series of dialogs is no
better than just one -- the people that are going to bypass the
recommendation are still going to do so, they're just going to be more
annoyed about it and complain more
I agree. I do not believe Anaconda is the right place to enforce
password strength policies. Every organization has its own policy on
passwords (strength, how often to change, etc.) and trying to put a
policy in Anaconda is sure to conflict with somebody's policy and
generate complaints.
The only way to not conflict with others' policies is not to have a policy.
Furthermore, since you can use the encrypted password in a kickstart file
password --iscrypted $1$abc....
how can you check the strength? If a box gets rooted, Anaconda could
get blamed for not warning the user of a weak password.
Thank you very much for all your comments
I understood what you mean.
I and some of my friends felt that the following case is a little strange.
That's why I posted these patches to this list.
--------
1. after finished installation and try to change root password using "passwd",
"passwd" command shows warning message for root password of dictionary word.
2. but anaconda can not show any warning message for root password of dictionary word.
--------
I'm glad that I could hear your current opinions and comments,
and I appreciate all of your comments and opinions.
thank you,
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
