Bug#1064617: Passwords should not be changed frequently
Hi,
Diederik de Haas <didi.debian@cknow.org> wrote (Mon, 04 Mar 2024 15:57:10 +0100):
> On Monday, 4 March 2024 10:43:59 CET Holger Wansing wrote:
> > >Regarding the password advice, I ended up concluding that it's pretty
> > >unlikely that anything we say at this point will have any effect on
> > >people's behaviour, but then I'm probably just an old cynic. Also, I
> > >failed when trying to come up with a wording which I was happy with,
> > >which is why I ended up discarding the advice entirely.
> > >
> > >If we want to keep the password advice in then I think what you wrote is
> > >(mostly) OK, although I think it implies that one should be choosing a
> > >single "password" (although, not a word in any normal sense), which
> > >could be argued to steer people away from the perfectly decent xkcd
> > >approach of using several dictionary words. Saying "Password or
> > >Passphrase" at least once would probably address that.
> >
> > Ok, makes it a bit longer, but it could be worth it.
>
> https://wiki.debian.org/Passwords doesn't exist (yet), but it's an easy to
> remember URL and we'd have all the space we need to give proper advise?
Would need to check if that fits in the relevant screens (I want to avoid
having a scroll bar on that screens).
Holger
--
Holger Wansing <hwansing@mailbox.org>
PGP-Fingerprint: 496A C6E8 1442 4B34 8508 3529 59F1 87CA 156E B076
Reply to: