[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-hackers-public] [savannah-help-public] [sr #108600] Regist

From: Karl Berry
Subject: Re: [Savannah-hackers-public] [savannah-help-public] [sr #108600] Registration b0rked
Date: Thu, 26 Jun 2014 17:28:37 GMT
    The password I was choosing should be plenty strong for this.

I admit I have some sympathy with the view that our password
requirements are too stringent.  How about requiring only two classes
for eight-char passwords instead of three?  Sure, it is weaker, but
there's a tradeoff between pain for users (high) and likelihood of a bad
guy ever getting the encrypted passwords (low).  Besides, if a bad guy
does get the encrypted pws, that probably means they have root on
savannah and our problems are a lot worse than 2-class vs. 3-class


reply via email to

[Prev in Thread] Current Thread [Next in Thread]