[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Password feedback in Anaconda



Sander Hoentjen wrote:

       http://faq.tweakers.net/nos/DesktopLinux/Reviews/beelzebubu/RedHat/redhat-installation-install-13.png

Finallly, something better (note the label which says password
accepted):
http://faq.tweakers.net/nos/DesktopLinux/Reviews/beelzebubu/RedHat_7.3/redhat-install-img14.png
http://faq.tweakers.net/nos/DesktopLinux/Reviews/beelzebubu/RedHat_7.3/redhat-install-img15.png
http://www.arnut.com/linux/rh9/rh9_18.gif
another one, from:
http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/security-guide/s1-wstation-pass.html

Forcing Strong Passwords
To protect the network from intrusion it is a good idea for system
administrators to verify that the passwords used within an organization
are strong ones. When a user is asked to create or change his password,
he can use the command line application passwd, which is PAM aware and
will therefore check to see if the password is easy to crack or too
short in length via the pam_cracklib.so Pluggable Authentication manager
(PAM) module. Since PAM is customizable, it is possible to add further
password integrity checkers, such as pam_passwdqc (available from
http://www.openwall.com/passwdqc/) or to write your own module. For a
list of available PAM modules, see
http://www.kernel.org/pub/linux/libs/pam/modules.html. For more
information about PAM, see the chapter titled Pluggable Authentication
Modules (PAM) in the Official Red Hat Linux Reference Guide
Everybody agrees that strong passwords are a good idea so this quote doesnt add anything substantial to this discussion to my understanding. You might even file that as a RFE against Anaconda to show a password strength meter but I dont think anything beyond a basic length check was done before.

--
Rahul



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]