You /want/ weak passwords?

Story: Anaconda on root and user account password strengths: Why so strict?Total Replies: 5
Author Content
rnturn

Mar 13, 2015
5:09 PM EDT
I'm laughing out loud that someone is actually complaining about having to come up with secure passwords for their system(s).

Favorite user password complaint story: Years ago, when HIPAA became a "thing", we updated the password requirements on several systems to meet the minimum needed to satisfy the auditors -- this required new passwords for everyone. The new policy included, among other things, dictionary checks on passwords. One user contacted the help desk to complain that the system wouldn't accept her new password. When asked just what she was trying to use, she replied: "Apple". We reminded her that "apple" was in the dictionary and she said "OK, I'll try something else. ... No, that doesn't work either." Her alternative to "Apple"? "Orange".
Koriel

Mar 13, 2015
5:18 PM EDT
Really LOL :)
750

Mar 13, 2015
5:56 PM EDT
Fedora Netsec wankery strikes again?

Seems to me that password strength is a matter of when and where the computer is expected to be used.

Travel a lot with a laptop etc, set a strong password. Use on a desktop at home, don't see the big deal.
ljmp

Mar 13, 2015
10:21 PM EDT
Passwords are broken. So are Certificate Authorities.

Everyone *should* be using PGP keys inserted into DNS and DNSSEC to protect them.

STEED FTW

PDF Whitepaper STEED 2011:

http://g10code.com/docs/steed-usable-e2ee.pdf
thenixedreport

Mar 18, 2015
5:45 PM EDT
If they're only using a VM to test out Fedora I can see the need to allow for weak passwords to save time. After all, nothing mission critical is going to be done at that point.
skelband

Mar 20, 2015
4:48 PM EDT
Linux is about freedom isn't it?

Why should your choice of password strength be taken away from you? One of the most annoying things I find with Windows 2008 is the default demand that you specify a certain level of password variability. As mentioned above, this should be a policy that you manage yourself and there are some situations where very strong passwords are just not necessary.

Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]

Becoming a member of LXer is easy and free. Join Us!