On Tue, Oct 11, 2016 at 09:15:12AM +0200, Björn Persson wrote:
> Zbigniew Jędrzejewski-Szmek <zbys...@in.waw.pl> wrote:
> > Yes. The hint that "this passphrase is weak" is very useful. But
> > enforcing any policy is just too inflexible. I just tried to explain
> > (unsuccessfully) to a kid (2nd grade, so any "strong" password would
> > simply be immediately forgotten) why she cannot change the password in
> > the gnome dialogue, and it was a total waste of time.
> Is a second-grader actually unable to remember "correct horse battery
> staple"? I strongly doubt that. Spell it, maybe not, but surely she
> could remember a four-word string?
A pass*phrase* like that is certainly much more feasible than a
pass*word*. But I still think it'd be an effort, for example I'd
estimate a 50-50 chance of a passphrase being forgotten over a two
And as for the spelling, notice the double-r and double-t, those would
be a source of trouble ;) Without any feedback and only three tries,
this would be rather frustrating.
devel mailing list -- email@example.com
To unsubscribe send an email to devel-le...@lists.fedoraproject.org