
Re: RFC: changes to default password strength checks in pam_unix



[Steve Langasek]
> Right, I know there are going to be use cases where 6 is too long
> for the minimum length, and users will need to lower the setting in
> /etc/pam.d/common-password.  Do you think we need to provide some
> hook for these Debian Edu users to change the setting automatically,
> via preseeding or otherwise, or do you think this is a corner
> case even within Debian Edu?

I'm not sure.  Personally, I want to enforce strong passwords, but I
realize that it will be a hard sell in some environments and that we
could lose installations if we make it too hard to avoid such
enforcing.

Some schools even use the same password for all lower grade users
instead of providing very easy passwords, and I am not sure if that is
better.  I am convinced the schools will come up with some new and
innovative insecure way to work around any enforced password policy,
so it might not matter either way. :)

Happy hacking,
-- 
Petter Reinholdtsen


