[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1064617: Passwords should not be changed frequently



On Thursday, 29 February 2024 23:13:55 CET Holger Wansing wrote:
> > in which I'm recommending setting no password for root, which then gives
> > the initial user 'sudo' membership[1].
> 
> What about the "Allow login as root?" question (only shown in expert mode),
> which is asked directly before the above mentioned dialog?

I very much support the suggestion from the (initial) bug report:
removing bad advice

But this is changing the subject in fundamental ways, which should be 
discussed in a separate bug report with an appropriate title.

1) Suddenly we assume that the user is incapable of coming up with a good 
password for root? Where is that based upon?
2) If they're incapable of coming up with a good password for root, then 
they're incapable of given their normal account, with sudo privileges, a 
decent password too, right?
3) Default behavior now becomes *not* creating a root account? If we divert 
from a years/decades long default, there needs to be good reasons for it IMO.

Defaults matter and I'm not happy that so much things get put into expert mode 
or (only) made available via preseed, just because we're worried it may 
confuse users (or we think they're idiots, which is way worse). 

"This 'users are idiots, and are confused by functionality' mentality of Gnome 
is a disease. If you think your users are idiots, only idiots will use it."

My 0.02

Attachment: signature.asc
Description: This is a digitally signed message part.


Reply to: