Red Hat Bugzilla – Bug 1002276
RFE: XKCD style passwords
Last modified: 2013-08-28 15:45:17 EDT
I would very much like to have the option for XKCD style passwords as an option in IPA:
With traditional style passwords becoming less and less secure, doing this would be quite helpful.
I know it can be simulated by just doing it, but there's no way to do that and have traditional passwords at the same time (while transitioning.) An actual password policy that I could apply to just certain groups would be the right way of going about it.
Can you be more explicit what you're asking for here. You want a password policy to enforce that the password is made up of 4 discrete words? All lower-case?
Or do you want us to do enforcement based on the entropy math?
Specifically: four discrete words, preferably with a cracklib-like check to see if they're unrelated (as in, not appearing together, in sequence, in common phrases (or at least a stub that can be extended later.))
I'm not even sure how you'd go about tackling the entropy math.