Password feedback in Anaconda
Rahul Sundaram
sundaram at fedoraproject.org
Thu Mar 9 13:18:29 UTC 2006
Sander Hoentjen wrote:
>> http://faq.tweakers.net/nos/DesktopLinux/Reviews/beelzebubu/RedHat/redhat-installation-install-13.png
>>
>>Finallly, something better (note the label which says password
>>accepted):
>>http://faq.tweakers.net/nos/DesktopLinux/Reviews/beelzebubu/RedHat_7.3/redhat-install-img14.png
>>http://faq.tweakers.net/nos/DesktopLinux/Reviews/beelzebubu/RedHat_7.3/redhat-install-img15.png
>>http://www.arnut.com/linux/rh9/rh9_18.gif
>>
>>
>>
>another one, from:
>http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/security-guide/s1-wstation-pass.html
>
>Forcing Strong Passwords
>To protect the network from intrusion it is a good idea for system
>administrators to verify that the passwords used within an organization
>are strong ones. When a user is asked to create or change his password,
>he can use the command line application passwd, which is PAM aware and
>will therefore check to see if the password is easy to crack or too
>short in length via the pam_cracklib.so Pluggable Authentication manager
>(PAM) module. Since PAM is customizable, it is possible to add further
>password integrity checkers, such as pam_passwdqc (available from
>http://www.openwall.com/passwdqc/) or to write your own module. For a
>list of available PAM modules, see
>http://www.kernel.org/pub/linux/libs/pam/modules.html. For more
>information about PAM, see the chapter titled Pluggable Authentication
>Modules (PAM) in the Official Red Hat Linux Reference Guide
>
>
Everybody agrees that strong passwords are a good idea so this quote
doesnt add anything substantial to this discussion to my understanding.
You might even file that as a RFE against Anaconda to show a password
strength meter but I dont think anything beyond a basic length check was
done before.
--
Rahul
More information about the fedora-test-list
mailing list