On Thu, Feb 05, 2015 at 09:38:52AM +0000, Andre Robatino wrote:
> Matthias Clasen <mclasen <at> redhat.com> writes:
>
> > Let me ask now, then: can we make the change to reject 'weak' passwords
> > specific to only those products that enable sshd by default, please ?
>
> If the only concern is remote attacks, I'd like to see someone answer the
> earlier question about whether Fedora has password rate and retry limits to
> allow a weak password to be adequately secure, and if not, why not fix that
> instead of requiring a strong password?

As someone said on the CentOS list, where, like most places, it's generally being received unfavorably, this is similar to the security theatre we have here in the US, where the TSA inconveniences anyone, at will, with little real effect, but it makes a nice show.

In my admittedly biased opinion, that's the best description I've seen. Will it stop one or two events? Probably. Is it effective? No. Will it inconvenience the vast majority? Yes. Are Fedora users so inexperienced and stupid that it's necessary? I don't think so.

--
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6