Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I think requiring a minium sized password that is pretty long, like maybe 15-20 or larger. The chance of somebody cracking those sized passwords would be smaller. Also I know there was a previous issue about the Yubikey as part of security. In my opinion requiring a 15-20 long password added with a Yubikey would be something that would maybe lessen the chance. I currently use Lasspass to create passwords, and my master password is a long password and the password I get it to generate is also quite long.

On Thu, Oct 13, 2011 at 1:29 PM, Bernd Stramm <bernd.stramm@xxxxxxxxx> wrote:
On Thu, 13 Oct 2011 10:39:03 -0700
Toshio Kuratomi <a.badger@xxxxxxxxx> wrote:

>...
> So what are our admins to do?  1) We could ignore the issue.  We have
> a lot of contributors.  Maybe we should just expect that some of
> their accounts are going to be compromised.

Not maybe. Certainly some of the accounts will be compromised.

> 2) We could require
> everyone to change keys.

And some time after that, some accounts will be compromised again. Some
of the same accounts as before, and some other accounts. Not maybe.
Certainly, 100%.


--
Bernd Stramm
bernd.stramm@xxxxxxxxx

--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux