[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RFC: changes to default password strength checks in pam_unix

Hi folks,

For years, the Debian pam packages have by default had a weaker password
length requirement than upstream.  I can think of no reason for this to be
the case, especially when upstream doesn't support a configurable minimum
password length and Debian does.

Does anyone else have a reasoned argument why Debian should have a weaker
password length check than upstream (4 chars instead of 6)?  If not, this
will be changed in the next upload of pam.

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon@debian.org                                   http://www.debian.org/

Reply to: