Re: RFC: changes to default password strength checks in pam_unix

To: debian-devel@lists.debian.org
Subject: Re: RFC: changes to default password strength checks in pam_unix
From: Petter Reinholdtsen <pere@hungry.com>
Date: Mon, 03 Sep 2007 09:30:34 +0200
Message-id: <[🔎] 2fl3axwrysl.fsf@saruman.uio.no>
References: <[🔎] 20070902194736.GA10366@dario.dodds.net>

[Steve Langasek]
> Does anyone else have a reasoned argument why Debian should have a
> weaker password length check than upstream (4 chars instead of 6)?
> If not, this will be changed in the next upload of pam.

I've been told that the schools using Debian Edu in lower grades pick
very simple and short passwords for the kids, and this will become
harder if the minimum lenght is increased.  Thought it was best to
bring that up publicly.

I am not sure if these schools practice is a good idea, nor if it
should be allowed in the future, but it should at least be part of the
background when the change is considered.

Happy hacking,
-- 
Petter Reinholdtsen

Reply to:

Follow-Ups:
- Re: RFC: changes to default password strength checks in pam_unix
  - From: Lars Wirzenius <liw@iki.fi>
- Re: RFC: changes to default password strength checks in pam_unix
  - From: Steve Langasek <vorlon@debian.org>

References:
- RFC: changes to default password strength checks in pam_unix
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Re: RFC: changes to default password strength checks in pam_unix
Next by Date: Re: RFC: changes to default password strength checks in pam_unix
Previous by thread: Re: RFC: changes to default password strength checks in pam_unix
Next by thread: Re: RFC: changes to default password strength checks in pam_unix
Index(es):
- Date
- Thread