Re: [Savannah-hackers-public] [savannah-help-public] [sr #108600] Regist

savannah-hackers-public

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-hackers-public] [savannah-help-public] [sr #108600] Regist

From:	Karl Berry
Subject:	Re: [Savannah-hackers-public] [savannah-help-public] [sr #108600] Registration b0rked
Date:	Thu, 26 Jun 2014 17:28:37 GMT

    http://savannah.gnu.org/support/?108600
    ...
    The password I was choosing should be plenty strong for this.

I admit I have some sympathy with the view that our password
requirements are too stringent.  How about requiring only two classes
for eight-char passwords instead of three?  Sure, it is weaker, but
there's a tradeoff between pain for users (high) and likelihood of a bad
guy ever getting the encrypted passwords (low).  Besides, if a bad guy
does get the encrypted pws, that probably means they have root on
savannah and our problems are a lot worse than 2-class vs. 3-class
passwords.

karl

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Savannah-hackers-public] [savannah-help-public] [sr #108600] Registration b0rked, Karl Berry <=
- Re: [Savannah-hackers-public] [savannah-help-public] [sr #108600] Registration b0rked, beuc, 2014/06/26
  - Re: [Savannah-hackers-public] [savannah-help-public] [sr #108600] Registration b0rked, Karl Berry, 2014/06/26
    - Re: [Savannah-hackers-public] [savannah-help-public] [sr #108600] Registration b0rked, Eric Noulard, 2014/06/27
    - Re: [Savannah-hackers-public] [savannah-help-public] [sr #108600] Registration b0rked, Karl Berry, 2014/06/27

Prev by Date: [Savannah-hackers-public] Submission #13238
Next by Date: Re: [Savannah-hackers-public] [savannah-help-public] [sr #108600] Registration b0rked
Previous by thread: [Savannah-hackers-public] Submission #13238
Next by thread: Re: [Savannah-hackers-public] [savannah-help-public] [sr #108600] Registration b0rked
Index(es):
- Date
- Thread