Hi Alexander, [ moved back to misc@, let's not discuss such a minor issue on source-changes@ ]
Alexander Hall wrote on Mon, Dec 08, 2014 at 12:31:43AM +0100: > On December 8, 2014 12:05:30 AM CET, Ingo Schwarze wrote: >> CVSROOT: /cvs >> Module name: src >> Changes by: schwa...@cvs.openbsd.org 2014/12/07 16:05:30 >> >> Modified files: >> share/man/man8 : afterboot.8 >> >> Log message: >> Since rev. 1.1, we discouraged space characters in passwords >> but even after repeated enquiries on misc@, nobody can explain why, >> so tedu the two confusing words; ok tedu@. > Why do we recommend changing the root password there at all? > I suspect some horribly outdated historical reason, but I don't > see the point of that part at all. It certainly isn't very important; if you set a good password while installing, you are already fine. Then again, i sometimes install machines in the lab where they are not exposed to the Internet right away and only later move them into production. During the install, i'm sometimes not in the mood for inventing a good password but focus on other things like network and disk configuration. The afterboot(8) manual is more useful for newbies than for developers, and newbies may regard installing as an adventure, so they may feel that effect even more strongly. Besides, you are supposed to read afterboot(8) *after* installing, and that's a good time to realize that the password you typed in while installing was a really bad idea. Having this advice at this place certainly doesn't hurt. As the page says at the very top: The idea is to create a list of items that can be checked off so that you have a warm fuzzy feeling that something obvious has not been missed. "Did you set reasonable passwords?" does make some sense on such a list. Yours, Ingo