Bug 1267147 - silly password requirements
silly password requirements
Status: CLOSED DUPLICATE of bug 1265066
Product: Bugzilla
Classification: Community
Component: User Accounts (Show other bugs)
4.4
Unspecified Unspecified
unspecified Severity unspecified (vote)
: ---
: ---
Assigned To: PnT DevOps Devs
tools-bugs
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-29 02:58 EDT by Pierre Ossman
Modified: 2015-09-29 03:46 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-09-29 03:46:01 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Pierre Ossman 2015-09-29 02:58:04 EDT
I was unfortunately greeted with the error message that I had to change my password here because it did not fulfil the new requirements. And I was very disappointed to see that you've started with the silly nonsense that is fairly well known by now to produce shit passwords.

I have nothing against password policies, but at least have a decent one, like requiring a long passphrase rather than a single word.
Comment 1 Jason McDonald 2015-09-29 03:46:01 EDT
The change in complexity requirements was made because a disturbingly high number of Bugzilla users with access to confidential data were found to have extremely weak passwords (e.g. six character dictionary words).  We decided to address that problem by increasing the lowest common denominator, on the theory that some password complexity is better than none at all.  That has unfortunately inconvenienced some users who were already doing the right thing, and I apologise for that.

We are planning to restore the ability to use long passphrases via Bug 1265066.  You are welcome to provide feedback there if you have any further concerns.

*** This bug has been marked as a duplicate of bug 1265066 ***

Note You need to log in before you can comment on or make changes to this bug.