Hi Johan, > His point in short: passwords are not all that important any more. > All virus spreading and hacking these days is done by sending malicous mails and by visiting malicious sites. <polemical-mode>If your brother in law doesn't see that the virus argument doesn't apply to the question of whether or not to choose strong passwords maybe he shouldn't be a software developer in the first place.</polemical-mode> Strong passwords don't protect against viruses, phishing etc. pp., that is true. But having weak passwords opens a plethora of other attack vectors beside that, and as for instance the iTunes hack shows there *are* real-world scenarios where passwords are attacked successfully. Just put an ssh server on a public IP and wait for a day, and you'll see how many. Regarding the original issue, I don't see where requiring users to enter strong(ish) passwords in the GUI installer at installation time could do any harm except a minor inconvenience for some people. Kickstart is not affected, so automated installs won't break, and on the other hand the use of weak passwords may be reduced a bit by the change. I'm all for it. Cheers, Peter.
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
