Can you please elaborate on the "without any alerts, or so on"? As both account settings / account password & ubiquity show password strengths 'Too short / Weak / Fair / Good / Strong'
I do agree that the algorithms they use are not very strong, and they are biased against introducing characters instead of favouring length: http://xkcd.com/936/ Is cryptographically true. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-control-center in Ubuntu. https://bugs.launchpad.net/bugs/1044868 Title: Unsecure passwords reported as acceptable as well as strong ones Status in “gnome-control-center” package in Ubuntu: Triaged Status in “ubiquity” package in Ubuntu: Confirmed Bug description: When you set the password during the installation or also when you change it via the gnome-control-center you can insert a weak password (like "123456" or "qwerty" or "abcdef" or "password" itself) without any alerts, or so on. The suggestion is a password strength verification that includes the most used passwords (like "1234" or "qwerty") and a dictionary that includes the word password in every language. A special attention to language like Spanish where "password" is "contraseña", and where is the character "ñ" which can be recognize as a special symbol. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-control-center/+bug/1044868/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
