Re: upcoming build and release developer flag day December 12 2016

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, 2016-11-20 at 12:29 -0700, Kevin Fenzi wrote:
> One question: So, 6 months is long enough for you to use a longer
> passphrase, but 1 week is not. Where is the line? 

I don't know. 6 months seemed good to me. What is the security goal
here?

> and Two suggestions: 
> 
> 1. Use a password manager? I recommend 'pass' it's quite simple, uses
> gpg and files in a git repo. Then you fas password is just a 'pass -c
> fas' away. 

I already use seahorse because I use Fedora Workstation. There's
absolutely no way to use different passwords for different services
without a password manager, so good thing it's built-in to our desktop.
Does this new system have secret service integration? (I doubt it.)

> 2. Use a passphrase you can remember. Isn't:
> 
> My FAS password is long, but I can always, always remember it.!
> 
> easier to remember than some
> 
> jkas63opqp 
> 
> string? 
> 
> kevin

I can't type half that many worlds without a typo or two, so that's
going to be frustarting. ;) Why would somebody want to type that long
thing rather than "2016sucked"?

Anyway, from 3 minutes of looking into Kerberos it's not clear to me
whether password strength is actually important, and it is clear I'm
not qualified to write about it, so I'll shut up now.

Michael
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux