On Wed, 2015-02-11 at 11:35 -0500, Robert Moskowitz wrote: > I am running Rawhide on armv7, but I suspect that the configuration > code > for root password and userid creation is the same for all > platforms.... It is, though note this isn't enforced for kickstart installs, AIUI. > Seems like there is not only a hard enforcement on password strength > now, but a password I would use at times that was rated 'moderate', > and allowed is now rated 'weak'. And one rated hard is now moderate. > > Where can I find information about the current password rules. Or > is this a bug (at least in the armv7 builds)? > > For now I can get around this by building the armv7 SD card without a > root password and using passwd on the command line which is not so > demanding. But I do want to know the rules so I too can have a > 'strong' > password. That I will proceed to write down... (from the security > guy that use to teach a course on Authentication!) It's a feature, yes. There's an ongoing thread about it. The 'rules' are simply those provided by the underlying library, pwquality. Mo posted some pretty easy passwords that pass the checks: 'my name is' (good) (10 chars) 'bacon4eva!' (strong) (10 chars) 'hamncheese.' (strong) (10 chars) 'GoPatriots!' (strong) (11 chars) 'hey, you!' (good) (8 chars) '8crayons.' (good) (9 chars) 'latte2015' (good) (9 chars) Personally I've been using 'correcthorse' (I'm immensely surprised password quality libs haven't blacklisted all derivatives of 'correcthorsebatterystaple' yet). -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
