Re: RFC: changes to default password strength checks in pam_unix
Hi Christian!
You wrote:
> I don't really understand the need for turning your comment this way,
> which indeed doesn't make your point clear, whether you agree or
> disagree with the idea of default enforcement of 8 characters length
> for passwords.
>
> It seems you disagree, but don't really give a rationale for it except
> "some other programs we have in Debian default to 6 chars". Am I right?
And what's the rationale to change the minimum length to 8? It won't
help security, as people who pick weak passwords now, will still pick
weak, but longer, passwords.
--
Kind regards,
+--------------------------------------------------------------------+
| Bas Zoetekouw | GPG key: 0644fab7 |
|----------------------------| Fingerprint: c1f5 f24c d514 3fec 8bf6 |
| bas@debian.org | a2b1 2bae e41f 0644 fab7 |
+--------------------------------------------------------------------+
Reply to: