Re: RFC: changes to default password strength checks in pam_unix
> Does anyone else have a reasoned argument why Debian should have a
> weaker password length check than upstream (4 chars instead of 6)?
> If not, this will be changed in the next upload of pam.
I've been told that the schools using Debian Edu in lower grades pick
very simple and short passwords for the kids, and this will become
harder if the minimum lenght is increased. Thought it was best to
bring that up publicly.
I am not sure if these schools practice is a good idea, nor if it
should be allowed in the future, but it should at least be part of the
background when the change is considered.