Re: Ridiculous new Red Hat Bugzilla password security requirements

2022-10-15 Thread Kevin Kofler via devel
Sérgio Basto wrote: > please try `pwgen -s 20 1 -cny` Good idea, though it actually accepted the 20-character alphanumeric password without symbols just fine. I believe there used to be a requirement for a symbol, but this does not seem to be a hard requirement anymore, there is a more complex

Re: Ridiculous new Red Hat Bugzilla password security requirements

2022-10-15 Thread Kevin Kofler via devel
Marcin Juszkiewicz wrote: > 9 characters password in 2022 is considered 'easy breakable' thanks to > power of GPUs. To "break" the password offline with a GPU, you need a hashed password to begin with. If I log in securely over HTTPS and if the server is not compromised (and neither is my

Re: Ridiculous new Red Hat Bugzilla password security requirements

2022-10-14 Thread Sérgio Basto
On Fri, 2022-10-14 at 03:39 +0200, Kevin Kofler via devel wrote: > Hi, > > I have generated a new 20-character random password with "pwgen -s 20 > 1", please try `pwgen -s 20 1 -cny` Best regards, -- Sérgio M. B.

Re: Ridiculous new Red Hat Bugzilla password security requirements

2022-10-14 Thread Björn Persson
Kevin Kofler via devel wrote: > I have generated a new 20-character random password with "pwgen -s 20 1", See how easy that was. And your using random passcodes tells me that you keep them in a password manager, which means that you don't need to type the passcode, so you have no need to limit

Re: Ridiculous new Red Hat Bugzilla password security requirements

2022-10-14 Thread Marcin Juszkiewicz
On 14.10.2022 at 03:39, Kevin Kofler via devel wrote: today, Red Hat Bugzilla forced me to change my password because apparently a password of 9 random alphanumeric+symbol characters (1 symbol, 8 mixed-case alphanumeric) is suddenly no longer considered secure enough. This is absolutely

Re: Ridiculous new Red Hat Bugzilla password security requirements

2022-10-14 Thread Petr Pisar
On Fri, Oct 14, 2022 at 03:39:32AM +0200, Kevin Kofler via devel wrote: > today, Red Hat Bugzilla forced me to change my password because apparently a > password of 9 random alphanumeric+symbol characters (1 symbol, 8 mixed-case > alphanumeric) is suddenly no longer considered secure enough.

Re: Ridiculous new Red Hat Bugzilla password security requirements

2022-10-14 Thread Sandro
On 14-10-2022 03:39, Kevin Kofler via devel wrote: It is not like that password is for a bank account or for a build system (I believe FAS and thus Koji actually has less stringent password security requirements than that!), so how secure does the password really have to be? You basically

Re: Ridiculous new Red Hat Bugzilla password security requirements

2022-10-13 Thread Gary Buhrmaster
On Fri, Oct 14, 2022 at 1:39 AM Kevin Kofler via devel wrote: > ... but this is absolutely absurd. To (mis) quote Randy Bush: "their application, their rules". If you don't like them, find another provider. I hope that RedHat quickly supports passkeys, where this all becomes moot. Unless you

Ridiculous new Red Hat Bugzilla password security requirements

2022-10-13 Thread Kevin Kofler via devel
Hi, today, Red Hat Bugzilla forced me to change my password because apparently a password of 9 random alphanumeric+symbol characters (1 symbol, 8 mixed-case alphanumeric) is suddenly no longer considered secure enough. This is absolutely ridiculous for a bug tracker. It is not like that