On Qua, 2015-01-28 at 16:05 -0700, Chris Murphy wrote: > On Wed, Jan 28, 2015 at 9:53 AM, Brian C. Lane <bcl@xxxxxxxxxx> wrote: > > > I *know* this is going to be a bit of a pain to get used to. But the > > increased security is worth it. Super simple passwords will no longer be > > allowed, but it is still easy to come up with one that passes the > > checks. pwgen has lots of suggestions. > > It's not worth it. It's a PITA. It's security theater. Windows, OS X, > Android, iOS - none of these require strong passwords, and the last > two don't even require passwords at all. The new password requirement > merely exposes the fact we're deficient in other areas of system > security, and we're masking that with this insulting baby sitting > nonsense. > > Instead of coercion, it's more polite to call the user names (stupid, > idiot, moron, imbecile, etc) if they choose weak passwords. Name > calling is kinder, more convenient, and honest and capitulation is > optional. This password policy is complete utter bullcrap. This > doesn't happen on any other OS I use and it pisses me off that Fedora > is deciding to do this exactly wrong. It's really that offensive. +1 , I'm against enforce 'good' passwords , it is pretty clear, double click if you want have an insecure password and system . > -- > Chris Murphy -- Sérgio M. B. -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
