Red Hat Bugzilla – Bug 1267147
silly password requirements
Last modified: 2015-09-29 03:46:01 EDT
I was unfortunately greeted with the error message that I had to change my password here because it did not fulfil the new requirements. And I was very disappointed to see that you've started with the silly nonsense that is fairly well known by now to produce shit passwords.
I have nothing against password policies, but at least have a decent one, like requiring a long passphrase rather than a single word.
The change in complexity requirements was made because a disturbingly high number of Bugzilla users with access to confidential data were found to have extremely weak passwords (e.g. six character dictionary words). We decided to address that problem by increasing the lowest common denominator, on the theory that some password complexity is better than none at all. That has unfortunately inconvenienced some users who were already doing the right thing, and I apologise for that.
We are planning to restore the ability to use long passphrases via Bug 1265066. You are welcome to provide feedback there if you have any further concerns.
*** This bug has been marked as a duplicate of bug 1265066 ***