RFC: changes to default password strength checks in pam_unix

To: debian-devel@lists.debian.org
Subject: RFC: changes to default password strength checks in pam_unix
From: Steve Langasek <vorlon@debian.org>
Date: Sun, 2 Sep 2007 12:47:36 -0700
Message-id: <[🔎] 20070902194736.GA10366@dario.dodds.net>
Mail-followup-to: debian-devel@lists.debian.org

Hi folks,

For years, the Debian pam packages have by default had a weaker password
length requirement than upstream.  I can think of no reason for this to be
the case, especially when upstream doesn't support a configurable minimum
password length and Debian does.

Does anyone else have a reasoned argument why Debian should have a weaker
password length check than upstream (4 chars instead of 6)?  If not, this
will be changed in the next upload of pam.

Cheers,
-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon@debian.org                                   http://www.debian.org/

Reply to:

Follow-Ups:
- Re: RFC: changes to default password strength checks in pam_unix
  - From: Lars Wirzenius <liw@iki.fi>
- Re: RFC: changes to default password strength checks in pam_unix
  - From: Petter Reinholdtsen <pere@hungry.com>
- Re: RFC: changes to default password strength checks in pam_unix
  - From: Roger Leigh <rleigh@whinlatter.ukfsn.org>

Prev by Date: "Etch and a half" ( was Re: Bugfix/hardware support updates to stable releases?)
Next by Date: Bug#440565: ITP: cereal -- automated, logged serial terminal management system
Previous by thread: Re: "Etch and a half" ( was Re: Bugfix/hardware support updates to stable releases?)
Next by thread: Re: RFC: changes to default password strength checks in pam_unix
Index(es):
- Date
- Thread