Hey, folks. I'm writing with my Server SIG member hat on, here. We've been discussing password policy changes at our meeting today. So the Great Password Policy Bunfight of 2015 was resolved by anaconda creating a mechanism for products/spins to set their own password policy: https://github.com/rhinstaller/anaconda/commit/8f24eeaedd7691b6ebe119592e5bc09c1c42e181 I'm slightly worried, however, about the possibility that everyone goes out and picks a more lenient policy more or less at random and we wind up with different policies on every Fedora medium. That seems like it'd be needlessly confusing to users and difficult to document. I'm wondering if those products/spins intending to set a policy weaker than the default could all agree on the same one, so there'd only be at most two policies to care about (and if all products/spins overrode the upstream default, there'd only be one). The obvious choice would be the pre-F22 policy, which I believe should be: --nostrict --minlen=6 --minquality=50 --nochanges --emptyok (though it's not *entirely* clear from the code - I think it used pwquality upstream defaults - so I may be a bit off). What's the general feeling here? Have other SIGs discussed this yet? Come to any decisions? Thanks! -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net _______________________________________________ cloud mailing list cloud@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/cloud Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
