Re: Weak password madness is back again

2017-01-22 Thread stan
On Mon, 23 Jan 2017 02:24:04 + (UTC)
Ben Boeckel  wrote:

> On Sun, 22 Jan, 2017 at 23:36:48 GMT, Ben Boeckel wrote:
> 
> 
> Sorry for the necro; I apparently had a message queued up on this
> machine that I had forgotten about.

No problem.  A word to the wise is welcome.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org


Re: Weak password madness is back again

2017-01-22 Thread Ben Boeckel
On Sun, 22 Jan, 2017 at 23:36:48 GMT, Ben Boeckel wrote:


Sorry for the necro; I apparently had a message queued up on this
machine that I had forgotten about.

--Ben


Re: Weak password madness is back again

2017-01-22 Thread Ben Boeckel
On Tue, 11 Oct, 2016 at 18:25:03 GMT, stan wrote:
> "you are a good girl" or variation.  Does she have a favorite passage
> in a book she reads?

Beware common phrases; they are part of the "dictionaries" used by
password crackers these days (particularly memorable quotes from movies,
books (especially religious books apparently), etc.). You really want
random words, possibly along the lines of "green dreams sleep furiously"
which are grammatical, but still nonsense.

--Ben
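
Added example, not part of the original post and not code from any Fedora or GNOME project: a sketch of the two points made above, checking a candidate against a phrase dictionary and generating a passphrase from independently chosen random words. The word list, the phrase list and all function names are constructed for illustration.

```python
import math
import secrets

# Constructed sample word list, far too small for real use. A diceware-style
# list of 7776 words gives log2(7776), about 12.9 bits, per random word.
WORDS = [
    "green", "dreams", "sleep", "furiously", "correct", "horse",
    "battery", "staple", "lantern", "orbit", "pickle", "violet",
    "harbor", "tundra", "meadow", "copper",
]

# Constructed stand-in for the quote and phrase dictionaries the post mentions.
KNOWN_PHRASES = [
    "You are a good girl",
    "May the Force be with you",
    "In the beginning was the Word",
]


def normalize(phrase):
    """Reduce a phrase to lower-case letters and digits only, so that changes
    in case, spacing or punctuation still match the dictionary entry."""
    return "".join(ch for ch in phrase.lower() if ch.isalnum())


KNOWN = {normalize(p) for p in KNOWN_PHRASES}


def is_known_phrase(candidate):
    """True if the candidate is a dictionary phrase after normalization."""
    return normalize(candidate) in KNOWN


def random_passphrase(n_words=4, words=WORDS):
    """Pick words independently with the OS CSPRNG; redraw in the unlikely
    case that the result spells a dictionary phrase."""
    while True:
        phrase = " ".join(secrets.choice(words) for _ in range(n_words))
        if not is_known_phrase(phrase):
            return phrase


def passphrase_bits(n_words, list_size):
    """Entropy in bits of n_words drawn uniformly and independently
    from a list of list_size words."""
    return n_words * math.log2(list_size)


if __name__ == "__main__":
    for candidate in ("you are a GOOD girl!", "green dreams sleep furiously"):
        verdict = "in dictionary" if is_known_phrase(candidate) else "not in dictionary"
        print(f"{candidate!r}: {verdict}")
    print(random_passphrase(), f"({passphrase_bits(4, len(WORDS)):.1f} bits)")
```

The entropy figure only holds when the words are picked by the generator; a phrase a person chose, however odd, does not get that guarantee.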


Re: Weak password madness is back again

2016-10-11 Thread stan
On Tue, 11 Oct 2016 08:35:35 +
Zbigniew Jędrzejewski-Szmek  wrote:

> On Tue, Oct 11, 2016 at 09:15:12AM +0200, Björn Persson wrote:
> > Zbigniew Jędrzejewski-Szmek  wrote:  
> > > Yes. The hint that "this passphrase is weak" is very useful. But
> > > enforcing any policy is just too inflexible. I just tried to
> > > explain (unsuccessfully) to a kid (2nd grade, so any "strong"
> > > password would simply be immediately forgotten) why she cannot
> > > change the password in the gnome dialogue, and it was a total
> > > waste of time.  
> > 
> > Is a second-grader actually unable to remember "correct horse
> > battery staple"? I strongly doubt that. Spell it, maybe not, but
> > surely she could remember a four-word string?  
> 
> A pass*phrase* like that is certainly much more feasible than a
> pass*word*.  But I still think it'd be an effort, for example I'd
> estimate a 50-50 chance of a passphrase being forgotten over a two
> week break.
> 
> And as for the spelling, notice the double-r and double-t, those would
> be a source of trouble ;) Without any feedback and only three tries,
> this would be rather frustrating.

How about a phrase she will remember, and will take pleasure in
typing? ;-)

"you are a good girl" or variation.  Does she have a favorite passage
in a book she reads?


Re: Weak password madness is back again

2016-10-11 Thread Zbigniew Jędrzejewski-Szmek
On Tue, Oct 11, 2016 at 09:15:12AM +0200, Björn Persson wrote:
> Zbigniew Jędrzejewski-Szmek  wrote:
> > Yes. The hint that "this passphrase is weak" is very useful. But
> > enforcing any policy is just too inflexible. I just tried to explain
> > (unsuccessfully) to a kid (2nd grade, so any "strong" password would
> > simply be immediately forgotten) why she cannot change the password in
> > the gnome dialogue, and it was a total waste of time.
> 
> Is a second-grader actually unable to remember "correct horse battery
> staple"? I strongly doubt that. Spell it, maybe not, but surely she
> could remember a four-word string?

A pass*phrase* like that is certainly much more feasible than a
pass*word*.  But I still think it'd be an effort, for example I'd
estimate a 50-50 chance of a passphrase being forgotten over a two
week break.

And as for the spelling, notice the double-r and double-t, those would
be a source of trouble ;) Without any feedback and only three tries,
this would be rather frustrating.

Zbyszek


Re: Weak password madness is back again

2016-10-11 Thread Zbigniew Jędrzejewski-Szmek
On Mon, Oct 10, 2016 at 11:56:38AM -0500, Michael Catanzaro wrote:
> On Mon, 2016-10-10 at 16:17 +, Zbigniew Jędrzejewski-Szmek wrote:
> > (In addition, typing "password" in the gnome search box does *not*
> > lead to something that allows you to change your password, one needs
> > to search for "users" instead…, but that's another story. If somebody
> > from the gnome team is listening, it would be great to tag "Users"
> > with "password" too.)
> 
> Hm, the keyword is already listed in the desktop file, but that doesn't
> do any good because all the desktop files are marked NoDisplay=true.
> 
> But it's found by the control-center search provider. That should be on
> by default, did you turn it off?

I see it now, thanks. PEBKAC, it seems.

Zbyszek


Re: Weak password madness is back again

2016-10-11 Thread Björn Persson
Zbigniew Jędrzejewski-Szmek  wrote:
> Yes. The hint that "this passphrase is weak" is very useful. But
> enforcing any policy is just too inflexible. I just tried to explain
> (unsuccessfully) to a kid (2nd grade, so any "strong" password would
> simply be immediately forgotten) why she cannot change the password in
> the gnome dialogue, and it was a total waste of time.

Is a second-grader actually unable to remember "correct horse battery
staple"? I strongly doubt that. Spell it, maybe not, but surely she
could remember a four-word string?

Björn Persson




Re: Weak password madness is back again

2016-10-10 Thread Michael Catanzaro
On Mon, 2016-10-10 at 16:17 +, Zbigniew Jędrzejewski-Szmek wrote:
> (In addition, typing "password" in the gnome search box does *not*
> lead to something that allows you to change your password, one needs
> to search for "users" instead…, but that's another story. If somebody
> from the gnome team is listening, it would be great to tag "Users"
> with "password" too.)

Hm, the keyword is already listed in the desktop file, but that doesn't
do any good because all the desktop files are marked NoDisplay=true.

But it's found by the control-center search provider. That should be on
by default, did you turn it off?

Michael


Re: Weak password madness is back again

2016-10-10 Thread Zbigniew Jędrzejewski-Szmek
On Sat, Oct 08, 2016 at 02:29:20PM +0200, Kevin Kofler wrote:
> Michael Catanzaro wrote:
> > The status quo is that we are not in compliance with FESCo's policy
> > [1], which clearly applies to all tools that change passwords and not
> > just anaconda, but we can't change anything in GNOME until libpwquality
> > stops blocking weak passwords via its PAM module, since we ultimately
> > shell out to passwd to implement that (for auditability).
> 
> The right fix there is to just remove the libpwquality PAM module by 
> default. Enabling such a thing should only be done by the local system 
> administrator.
> 
> > But there is one more issue. FESCo's policy actually requires that only
> > admin users (wheel users, including the initial user account) would be
> > able to set weak passwords, and that unprivileged users should be
> > blocked from doing so.
> 
> And I agree with Chris Murphy that that policy is utter nonsense.
> 
> Even if I want to set my password to the empty string, that is my choice. It 
> is a perfectly valid password for some use cases. (For what it's worth, I 
> actually use a non-empty password, but Anaconda considers even that "weak". 
> But I do not want to give more details here, and most definitely not the 
> password itself, for obvious reasons.)

Yes. The hint that "this passphrase is weak" is very useful. But
enforcing any policy is just too inflexible. I just tried to explain
(unsuccessfully) to a kid (2nd grade, so any "strong" password would
simply be immediately forgotten) why she cannot change the password in
the gnome dialogue, and it was a total waste of time.

(In addition, typing "password" in the gnome search box does *not*
lead to something that allows you to change your password, one needs
to search for "users" instead…, but that's another story. If somebody
from the gnome team is listening, it would be great to tag "Users" with
"password" too.)

Zbyszek


Re: Weak password madness is back again

2016-10-10 Thread Tomas Mraz
On Pá, 2016-10-07 at 11:58 -0500, Michael Catanzaro wrote:
> On Fri, 2016-10-07 at 18:07 +0200, Hans de Goede wrote:
> > 
> > Suggested fix if you "shell out to passwd" in g-c-c, then why not
> > also do this in g-i-s presumably you can share the code then and
> > have less security sensitive code to worry about ? When you do
> > make sure you run passwd as root (from g-i-s), not as the newly
> > created user. I can set whatever passwd I want using
> > "passwd " as root just fine.
>
> We should probably just switch to using accountsservice, which runs as
> root, to change the password; it's kind of silly to use passwd directly
> "for auditability" if it's possible to change passwords using
> accountsservice instead. accountsservice should be changed to use
> passwd if desired. (Currently accountsservice uses usermod, which is I
> guess why we don't use it in g-c-c.) Does that sound OK, Ondrej?
>
> Then that would solve the problem of getting errors from PAM, and we
> can decide whether to enforce password strength in GNOME based on
> whether the current user is an admin or not (or if he is authenticated
> as an admin for editing other accounts... that would be kind of
> confusing, though, if a non-admin user with access to an admin password
> gets hit by the password strength policy just because he didn't unlock
> the panel with the admin password before changing his password; not
> sure what the UI should be for this).

If accountsservice uses usermod it generates audit events too although
slightly different ones than passwd. But that should not be a problem
for auditability.

-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
  Turkish proverb
(You'll never know whether the road is wrong though.)




Re: Weak password madness is back again

2016-10-08 Thread Kevin Kofler
Michael Catanzaro wrote:
> The status quo is that we are not in compliance with FESCo's policy
> [1], which clearly applies to all tools that change passwords and not
> just anaconda, but we can't change anything in GNOME until libpwquality
> stops blocking weak passwords via its PAM module, since we ultimately
> shell out to passwd to implement that (for auditability).

The right fix there is to just remove the libpwquality PAM module by 
default. Enabling such a thing should only be done by the local system 
administrator.

> But there is one more issue. FESCo's policy actually requires that only
> admin users (wheel users, including the initial user account) would be
> able to set weak passwords, and that unprivileged users should be
> blocked from doing so.

And I agree with Chris Murphy that that policy is utter nonsense.

Even if I want to set my password to the empty string, that is my choice. It 
is a perfectly valid password for some use cases. (For what it's worth, I 
actually use a non-empty password, but Anaconda considers even that "weak". 
But I do not want to give more details here, and most definitely not the 
password itself, for obvious reasons.)

Kevin Kofler


Re: Weak password madness is back again

2016-10-08 Thread Kevin Kofler
Tomas Mraz wrote:
> The only place where the password strength check should not be
> overridable is when a regular user tries to change his own password.

No, even that should not happen unless the local administrator explicitly 
opted to enforce some such policy (and the exact policy to enforce is the 
administrator's choice, it is likely to differ significantly from GNOME's 
hardcoded policy).

Enforcing password strength rules on all users of the entire distribution, 
no matter what their use cases are, is just not a reasonable thing to do. As 
pointed out by Chris Murphy, even the proprietary operating systems don't do 
that.

Kevin Kofler


Re: Weak password madness is back again

2016-10-07 Thread Hans de Goede

Hi,

On 07-10-16 18:58, Michael Catanzaro wrote:
> On Fri, 2016-10-07 at 18:07 +0200, Hans de Goede wrote:
> > Suggested fix if you "shell out to passwd" in g-c-c, then why not
> > also do this in g-i-s presumably you can share the code then and
> > have less security sensitive code to worry about ? When you do
> > make sure you run passwd as root (from g-i-s), not as the newly
> > created user. I can set whatever passwd I want using
> > "passwd " as root just fine.
>
> We should probably just switch to using accountsservice, which runs as
> root, to change the password; it's kind of silly to use passwd directly
> "for auditability" if it's possible to change passwords using
> accountsservice instead. accountsservice should be changed to use
> passwd if desired. (Currently accountsservice uses usermod, which is I
> guess why we don't use it in g-c-c.) Does that sound OK, Ondrej?
>
> Then that would solve the problem of getting errors from PAM, and we
> can decide whether to enforce password strength in GNOME based on
> whether the current user is an admin or not (or if he is authenticated
> as an admin for editing other accounts... that would be kind of
> confusing, though, if a non-admin user with access to an admin password
> gets hit by the password strength policy just because he didn't unlock
> the panel with the admin password before changing his password; not
> sure what the UI should be for this).


Sounds good to me, I'm pretty much happy with any solution which you
think is safe and maintainable; and I understand if we won't see this
fixed till F26, but please do fix it for F26.

Thank you & Regards,

Hans


Re: Weak password madness is back again

2016-10-07 Thread Michael Catanzaro
On Fri, 2016-10-07 at 18:07 +0200, Hans de Goede wrote:
> Suggested fix if you "shell out to passwd" in g-c-c, then why not
> also do this in g-i-s presumably you can share the code then and
> have less security sensitive code to worry about ? When you do
> make sure you run passwd as root (from g-i-s), not as the newly
> created user. I can set whatever passwd I want using
> "passwd " as root just fine.

We should probably just switch to using accountsservice, which runs as
root, to change the password; it's kind of silly to use passwd directly
"for auditability" if it's possible to change passwords using
accountsservice instead. accountsservice should be changed to use
passwd if desired. (Currently accountsservice uses usermod, which is I
guess why we don't use it in g-c-c.) Does that sound OK, Ondrej?

Then that would solve the problem of getting errors from PAM, and we
can decide whether to enforce password strength in GNOME based on
whether the current user is an admin or not (or if he is authenticated
as an admin for editing other accounts... that would be kind of
confusing, though, if a non-admin user with access to an admin password
gets hit by the password strength policy just because he didn't unlock
the panel with the admin password before changing his password; not
sure what the UI should be for this).

Michael


Re: Weak password madness is back again

2016-10-07 Thread Adam Williamson
On Fri, 2016-10-07 at 16:17 +0200, Tomas Mraz wrote:
> On Pá, 2016-10-07 at 15:56 +0200, Hans de Goede wrote:
> > Hi,
> > 
> > So 2 devel cycles ago we had this whole discussion
> > about how forcing people to choose strong passwords in anaconda
> > was making live hard for testers / test-installs and this
> > decision was reverted.
> > 
> > So now here I'm doing a F25 Fedora ARM test install, end up
> > in the gnome-ified first-time-setup wizzard and cannot continue
> > until I make my test-user password strong enough. UGH.
> > 
> > So can we get this fixed please, or do we need to escalate
> > this all the way up to FESco again ?
> 
> 
> Is that a regression? Previously the discussion was about Anaconda not
> about gnome initial setup or whatever is the password dialogue you are
> talking about. Not that I am supporter of making it impossible to
> override password strength check in any kind of initial setup tools.

It is a regression, yeah, at some point g-i-s did allow weak passwords,
with a warning. I don't recall exactly when it changed again.
-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net


Re: Weak password madness is back again

2016-10-07 Thread Hans de Goede

Hi,

On 07-10-16 18:03, Adam Williamson wrote:
> On Fri, 2016-10-07 at 15:56 +0200, Hans de Goede wrote:
> > Hi,
> >
> > So 2 devel cycles ago we had this whole discussion
> > about how forcing people to choose strong passwords in anaconda
> > was making life hard for testers / test-installs and this
> > decision was reverted.
> >
> > So now here I'm doing a F25 Fedora ARM test install, end up
> > in the gnome-ified first-time-setup wizard and cannot continue
> > until I make my test-user password strong enough. UGH.
> >
> > So can we get this fixed please, or do we need to escalate
> > this all the way up to FESCo again ?
>
> It's a game. Every time we get it changed in one place, it gets changed
> the other way in another place...=)
>
> For now, you can create a user account during the install process
> (rather than in gnome-initial-setup) if you want a weak password.

No such luck with the ARM sdcard images though, those are
"pre-installed" and for the workstation images one is stuck
with gnome-initial-setup (I believe the anaconda based normal
initial-setup will do the right thing).

Regards,

Hans


Re: Weak password madness is back again

2016-10-07 Thread Hans de Goede

Hi,

On 07-10-16 17:42, Michael Catanzaro wrote:
> On Fri, 2016-10-07 at 15:56 +0200, Hans de Goede wrote:
> > So can we get this fixed please, or do we need to escalate
> > this all the way up to FESCo again ?
>
> Hi,
>
> The status quo is that we are not in compliance with FESCo's policy
> [1], which clearly applies to all tools that change passwords and not
> just anaconda, but we can't change anything in GNOME until libpwquality
> stops blocking weak passwords via its PAM module, since we ultimately
> shell out to passwd to implement that (for auditability). (Actually, I
> think gnome-initial-setup does not use passwd, but gnome-control-center
> definitely does, and we are not going to implement different password
> checking behavior between the two of them.)
>
> I informed FESCo of this at the time of their decision, and reminded
> them in the original ticket a month or two ago. At any rate, it's been
> this way for several releases now, so I don't want to change anything
> in F25 this late in the game, but it would be nice to fix in the F26
> timeframe. I don't want to work on the PAM module, but if somebody else
> fixes it, then send me a ping and I'll try to update gnome-initial-
> setup and gnome-control-center to comply with the policy.
>
> But there is one more issue. FESCo's policy actually requires that only
> admin users (wheel users, including the initial user account) would be
> able to set weak passwords, and that unprivileged users should be
> blocked from doing so. Again, this is not currently possible to
> implement in GNOME, as it requires additional plumbing in at least the
> PAM module, and probably also in libpwquality proper. Again, I don't
> plan to work on this, but again, if someone else fixes it then I'm
> happy to make whatever changes are needed in g-i-s/g-c-c.


First of all thank you for the long explanation, and good to know that
this is on your radar.

As a developer I understand what you're saying. But TBH as an end
user I don't give a hoot. We first had this whole discussion about
anaconda breaking the freedom to choose a password around F-22
and now we've F25 coming up 18 months later and this is still not
fixed (in some places). That is simply unacceptable IMHO.

Suggested fix if you "shell out to passwd" in g-c-c, then why not
also do this in g-i-s presumably you can share the code then and
have less security sensitive code to worry about ? When you do
make sure you run passwd as root (from g-i-s), not as the newly
created user. I can set whatever passwd I want using
"passwd " as root just fine.

This will at least fix g-i-s, which is the biggest hurdle for users.

Changing a passwd later, a wheel group user can always drop to
the terminal and do "sudo passwd " as a workaround,
but at g-i-s time no such workarounds are possible. Or simply
also run passwd as root for wheel group users (they have sudo
rights after all).

Regards,

Hans

> [1] https://fedoraproject.org/wiki/Passphrase_policy

Note that this page too is over a year old, really it is time
to fix this.


Re: Weak password madness is back again

2016-10-07 Thread Adam Williamson
On Fri, 2016-10-07 at 15:56 +0200, Hans de Goede wrote:
> Hi,
> 
> So 2 devel cycles ago we had this whole discussion
> about how forcing people to choose strong passwords in anaconda
> was making life hard for testers / test-installs and this
> decision was reverted.
> 
> So now here I'm doing a F25 Fedora ARM test install, end up
> in the gnome-ified first-time-setup wizard and cannot continue
> until I make my test-user password strong enough. UGH.
> 
> So can we get this fixed please, or do we need to escalate
> this all the way up to FESCo again ?

It's a game. Every time we get it changed in one place, it gets changed
the other way in another place...=)

For now, you can create a user account during the install process
(rather than in gnome-initial-setup) if you want a weak password.
-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net


Re: Weak password madness is back again

2016-10-07 Thread Chris Murphy
On Fri, Oct 7, 2016 at 9:42 AM, Michael Catanzaro  wrote:

> But there is one more issue. FESCo's policy actually requires that only
> admin users (wheel users, including the initial user account) would be
> able to set weak passwords, and that unprivileged users should be
> blocked from doing so.

The less privileged account must have a stronger passphrase. It's
adorable nonsense.

FESCo should reconsider that distinction.


-- 
Chris Murphy


Re: Weak password madness is back again

2016-10-07 Thread Chris Murphy
On Fri, Oct 7, 2016 at 8:17 AM, Tomas Mraz  wrote:
> On Pá, 2016-10-07 at 15:56 +0200, Hans de Goede wrote:
>> Hi,
>>
>> So 2 devel cycles ago we had this whole discussion
>> about how forcing people to choose strong passwords in anaconda
>> was making life hard for testers / test-installs and this
>> decision was reverted.
>>
>> So now here I'm doing a F25 Fedora ARM test install, end up
>> in the gnome-ified first-time-setup wizard and cannot continue
>> until I make my test-user password strong enough. UGH.
>>
>> So can we get this fixed please, or do we need to escalate
>> this all the way up to FESCo again ?
>
> Is that a regression? Previously the discussion was about Anaconda not
> about gnome initial setup or whatever is the password dialogue you are
> talking about. Not that I am a supporter of making it impossible to
> override password strength check in any kind of initial setup tools.
>
> The only place where the password strength check should not be
> overridable is when a regular user tries to change his own password.


To this day in the latest Windows and macOS, the regular user can use
"hi" as a password, and the world is still not ending. More user
freedom for passwords on proprietary platforms. It's ironic.

The shortest password I can get GNOME's Settings > Users > Change
Password to accept is UiNls8%M which is hilarious.

February is also eight characters, but I'm punished for using a common
word. Even february5 is disallowed. The shortest easiest to remember
one I could come up with was june5may which is eight characters.

It's from the same era of pompous fake security as compulsory password
changes after 90 days. Oh well, we have bigger problems anyway.


-- 
Chris Murphy


Re: Weak password madness is back again

2016-10-07 Thread Michael Catanzaro
On Fri, 2016-10-07 at 15:56 +0200, Hans de Goede wrote:
> So can we get this fixed please, or do we need to escalate
> this all the way up to FESCo again ?

Hi,

The status quo is that we are not in compliance with FESCo's policy
[1], which clearly applies to all tools that change passwords and not
just anaconda, but we can't change anything in GNOME until libpwquality
stops blocking weak passwords via its PAM module, since we ultimately
shell out to passwd to implement that (for auditability). (Actually, I
think gnome-initial-setup does not use passwd, but gnome-control-center 
definitely does, and we are not going to implement different password
checking behavior between the two of them.)

I informed FESCo of this at the time of their decision, and reminded
them in the original ticket a month or two ago. At any rate, it's been
this way for several releases now, so I don't want to change anything
in F25 this late in the game, but it would be nice to fix in the F26
timeframe. I don't want to work on the PAM module, but if somebody else
fixes it, then send me a ping and I'll try to update gnome-initial-
setup and gnome-control-center to comply with the policy.

But there is one more issue. FESCo's policy actually requires that only
admin users (wheel users, including the initial user account) would be
able to set weak passwords, and that unprivileged users should be
blocked from doing so. Again, this is not currently possible to
implement in GNOME, as it requires additional plumbing in at least the
PAM module, and probably also in libpwquality proper. Again, I don't
plan to work on this, but again, if someone else fixes it then I'm
happy to make whatever changes are needed in g-i-s/g-c-c.

Michael

[1] https://fedoraproject.org/wiki/Passphrase_policy


Re: Weak password madness is back again

2016-10-07 Thread Hans de Goede

Hi,

On 07-10-16 16:17, Tomas Mraz wrote:
> On Pá, 2016-10-07 at 15:56 +0200, Hans de Goede wrote:
> > Hi,
> >
> > So 2 devel cycles ago we had this whole discussion
> > about how forcing people to choose strong passwords in anaconda
> > was making life hard for testers / test-installs and this
> > decision was reverted.
> >
> > So now here I'm doing a F25 Fedora ARM test install, end up
> > in the gnome-ified first-time-setup wizard and cannot continue
> > until I make my test-user password strong enough. UGH.
> >
> > So can we get this fixed please, or do we need to escalate
> > this all the way up to FESCo again ?
>
> Is that a regression?

I don't know, this is the first time I encountered the
gnome initial-setup wizard instead of using anaconda (due to how
arm images work).

> Previously the discussion was about Anaconda

Right, but since we've had this whole heated discussion about how
a strong password should not be mandatory for initial account
creation, it seems silly to me that only Anaconda actually abides
by that decision and other tools with the same purpose do not.

> not about gnome initial setup or whatever is the password dialogue you are
> talking about.

I got something which looks like the gnome welcome wizard, but then
before logging in, since there did not exist any user on the system yet.

This version of the gnome welcome wizard allows one to create a user
and select a timezone in essence taking the place of initial-setup-gui
on non workstation spins.

If someone knows the package name of the gnome replacement for
initial-setup-gui used on the workstation spin, then please let me
know then I will file a bug for this.

> Not that I am a supporter of making it impossible to
> override password strength check in any kind of initial setup tools.

Right, exactly my point.

> The only place where the password strength check should not be
> overridable is when a regular user tries to change his own password.


Ack, that is not what I'm talking about, this is initial account
creation for the first user on the system.

Regards,

Hans



Re: Weak password madness is back again

2016-10-07 Thread Tomas Mraz
On Pá, 2016-10-07 at 15:56 +0200, Hans de Goede wrote:
> Hi,
> 
> So 2 devel cycles ago we had this whole discussion
> about how forcing people to choose strong passwords in anaconda
> was making life hard for testers / test-installs and this
> decision was reverted.
> 
> So now here I'm doing a F25 Fedora ARM test install, end up
> in the gnome-ified first-time-setup wizard and cannot continue
> until I make my test-user password strong enough. UGH.
> 
> So can we get this fixed please, or do we need to escalate
> this all the way up to FESCo again ?

Is that a regression? Previously the discussion was about Anaconda not
about gnome initial setup or whatever is the password dialogue you are
talking about. Not that I am a supporter of making it impossible to
override password strength check in any kind of initial setup tools.

The only place where the password strength check should not be
overridable is when a regular user tries to change his own password.

-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
  Turkish proverb
(You'll never know whether the road is wrong though.)




Weak password madness is back again

2016-10-07 Thread Hans de Goede

Hi,

So 2 devel cycles ago we had this whole discussion
about how forcing people to choose strong passwords in anaconda
was making life hard for testers / test-installs and this
decision was reverted.

So now here I'm doing a F25 Fedora ARM test install, end up
in the gnome-ified first-time-setup wizard and cannot continue
until I make my test-user password strong enough. UGH.

So can we get this fixed please, or do we need to escalate
this all the way up to FESCo again ?

Regards,

Hans