Re: Bug#1064617: Passwords should not be changed frequently
- To: debian-l10n-english@lists.debian.org
- Cc: 1064617@bugs.debian.org, Cyril Brulebois <kibi@debian.org>, Philip Hands <phil@hands.com>, Holger Wansing <hwansing@mailbox.org>, Diederik de Haas <didi.debian@cknow.org>
- Subject: Re: Bug#1064617: Passwords should not be changed frequently
- From: Justin B Rye <justin.byam.rye@gmail.com>
- Date: Tue, 5 Mar 2024 20:40:56 +0000
- Message-id: <[🔎] ZeeDWH5pVm8c2wVG@jbr.me.uk>
- Mail-followup-to: debian-l10n-english@lists.debian.org, 1064617@bugs.debian.org, Cyril Brulebois <kibi@debian.org>, Philip Hands <phil@hands.com>, Holger Wansing <hwansing@mailbox.org>, Diederik de Haas <didi.debian@cknow.org>
- In-reply-to: <[🔎] A410340E-9C40-431C-98B2-94F0BCB32950@mailbox.org>
- References: <20240304220644.6d4c1dec8d46c3b6ca0b4cf4@mailbox.org> <87sf15yqw8.fsf@nimble.hk.hands.com> <ZdqHClFcZ8O2rWJy@casper.infradead.org> <87plw8zsjy.fsf@nimble.hk.hands.com> <295380D8-52F7-43B9-9E80-C89C4D0879EF@mailbox.org> <ZdqHClFcZ8O2rWJy@casper.infradead.org> <87msrczkk6.fsf@nimble.hk.hands.com> <ZdqHClFcZ8O2rWJy@casper.infradead.org> <20240305182825.intemqx6fnielajj@mraw.org> <[🔎] A410340E-9C40-431C-98B2-94F0BCB32950@mailbox.org>
Holger Wansing wrote:
> @d-l10n-english: hey guys, we would like to get a proposal reviewed,
> which aims to improve the root/user password screens in the installer.
>
> Please find the related merge request at
> <https://salsa.debian.org/installer-team/user-setup/-/merge_requests/7>
It needs a small amount of rephrasing, but the most important problem
is that it starts by saying you need to set a password and then goes
on to suggest that you might not need to set a password. Maybe that
can be fixed by rearranging things slightly...
Template: passwd/root-password
Type: password
# :sl1:
_Description: Root password/passphrase:
To allow direct password/passphrase-based access to the 'root'
(system administrative) account you can set it up here.
The results can be disastrous if a malicious or incompetent user
obtains root access, so you should not set one that can be guessed,
found in dictionaries, or easily associated with you.
.
Alternatively, you can lock root's password
by leaving this setting empty, and
instead use the system's initial user account
(which will be set up in the next step)
to become root. This will be enabled for you
by adding that user to the 'sudo' group.
.
Note: what you type here will be hidden (unless you select to show it).
Does this still feel like the same advice?
Otherwise the only thing I see is:
Template: passwd/user-password
Type: password
# :sl1:
_Description: Choose a password/passphrase for the new user:
Make sure to select a strong password/passphrase, that cannot be guessed.
^
No comma needed there.
--
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package
Reply to: