Bug 1198539

Summary: TC8: Please specify what you means by strong password in bottom bar
Product: [Fedora] Fedora Reporter: Pravin Satpute <psatpute>
Component: libpwqualityAssignee: Tomas Mraz <tmraz>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: g.kaviyarasu, jonathan, tmraz, vanmeeuwen+fedora
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-12-20 15:18:39 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Pravin Satpute 2015-03-04 10:41:43 UTC
Description of problem:
I tried with 
1. small letter and number. It shows weak.
2. one caps and other small and number. still it shows weak.

then tried one small, caps and special character and numerals then it shows me fair.


Version-Release number of selected component (if applicable):
22.20.1-1

How reproducible:
everytime

Steps to Reproduce:
1. In setup, try to set root password.
2. try above mentioned combinations
3. 

Actual results:
Users do not get any hint on what it means by strong/fair password.

Expected results:
One should inform users what it means by fair/strong password. Else he will keep on searching for strong password all time.

Additional info:
Desktop/Laptop level user does not care much about password, since that machine remains with them all the time. 
I have seen number of people just single character as a password. Since they need to login to machine 100 times a day. 

Good if we can avoid this strong password criteria and ease life of laymen users.

Comment 1 David Shea 2015-03-04 18:58:19 UTC
Anaconda already displays the messages from libpwquality concerning the password. If you feel these messages are insufficient, they would need to be improved in libpwquality.

Comment 2 David Shea 2015-03-04 18:59:32 UTC
(In reply to Pravin Satpute from comment #0)
> Additional info:
> Desktop/Laptop level user does not care much about password, since that
> machine remains with them all the time. 
> I have seen number of people just single character as a password. Since they
> need to login to machine 100 times a day. 
> 
> Good if we can avoid this strong password criteria and ease life of laymen
> users.

There is already an option to create a user with no password at all. Instead of using useless passwords, I would recommend using no passwords.

Comment 3 Pravin Satpute 2015-03-05 07:02:53 UTC
Aha, i missed that option. 
Still there is need to mention what is meant by fair, strong password. I noticed if i increase length of password still it makes it fair password. 

Good to inform that to user.

Comment 4 Pravin Satpute 2015-05-01 07:44:49 UTC
In Fedora Beta, i see user can use his choice of password by pressing "Done" twice. 

If that is final, then we can close this bug.

Comment 5 Tomas Mraz 2018-12-20 15:18:39 UTC
We are not going to pursue this RFE at this point. If anyone wishes to work on this I'd suggest creating pull request on libpwquality upstream.

https://github.com/libpwquality/libpwquality