[Pkg-shadow-devel] suggested improvement for man password
Serge E. Hallyn
serge at hallyn.com
Tue Nov 29 21:43:29 UTC 2016
Quoting Henry Schaffer (hes at ncsu.edu):
> In Ubuntu 14.04 I ran
> man passwd
> at the bottom it said:
> shadow-utils 4.1.5.1 01/27/2016
> PASSWD(1)
>
> Near the beginning of the man page, it says:
>
> Then, the password is tested for complexity. As a general guideline,
> passwords should consist of 6 to 8 characters including one or more
> characters from each of the following sets:
>
> · lower case alphabetics
>
> · digits 0 thru 9
>
> · punctuation marks
>
> My suggestion is to change "6 to 8 characters" to "8 to 10 characters" and
> to add one more set:
>
> · upper case alphabetics
>
> --henry schaffer
>
> P.S. I haven't checked this man page in Ubuntu 16.04.
Hi,
This sounds reasonable to me, but I'm not sure based on the manpage text
itself whether those are just guidelines, or also what passwd enforces.
(It later says:
passwd will reject any password which is not suitably complex.
) If the latter, then passwd should probably also be updated to enforce
those.
Were you thinking of writing a patch for this?
thanks,
-serge
More information about the Pkg-shadow-devel
mailing list