Bug#656509: closed by Cyril Brulebois <kibi@debian.org> (Re: Bug#656509: user-setup-udeb: Please consider amending password advice)
On Sun 02 Mar 2014 at 15:27:46 +0000, Debian Bug Tracking System wrote:
> > Quoting Brian Potkin (claremont102@gmail.com):
> > > d-i says:
> > >
> > > A good password will contain a mixture of letters, numbers and
> > > punctuation and should be changed at regular intervals.
> > >
> > > Complexity in a password is good and probably unarguable, although
> > > length should also be considered to have some importance, Why advise
> > > changing it at regular intervals? Why not advocate not imparting it to
> > > anyone or not reusing it on other systems? Is there something which
> > > causes a good password to degenerate over time?
> > >
> > > The second part of the advice does not appear to have any technical
> > > basis so removing it would be of little consequence.
>
> It takes a few seconds to find something like this in a search engine:
> https://www.schneier.com/blog/archives/2010/11/changing_passwo.html
Thank you; I had read that debatable article before submitting the
report. The interesting paragraph begins
So in general: you don't need to regularly change the password to your computer . . .
The arguments presented there and elsewhere have persuaded me to adopt
a policy of changing my login password as frequently as I change the
locks on the doors of my house and my car. :)
Thanks for all your work with d-i.
Regards,
Brian.
Reply to: