Red Hat Bugzilla – Bug 1267954
Same password for root and disk encryption reported both as Good and Weak
Last modified: 2016-01-29 11:46:47 EST
Description of problem:
I have used the same password twice:
- for disk encryption where it was reported as weak
- for the root user where it was reported as good
Version-Release number of selected component (if applicable):
Created attachment 1079093
Disk encryption password
Created attachment 1079094
Root user password
There are two differences in the way anaconda performs these two password checks:
1: for the root password check, anaconda overrides the minlen setting to 6. This should not matter here since the default is 8, and it looks like the password you are attempting to use has 9 characters.
2: for the root password check, anaconda passes the username parameter to the pwquality check function, since passwords that contain the username are considered weaker than those that do not, while the disk passphrase has no such concept to check against. Maybe your password contains the word "root"?
Actually, the change in the minlen setting modifies the calculation of the password score, so that is the reason for the difference.
Back to anaconda for consideration of whether it wants to unify the minlen setting for both checks. I do not see this as a bug though.
Consensus is this is not a bug. If the password checking requirements need to change, that is a policy set by someone else. Ideally product management in the case of RHEL.
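The two checks described in this thread can be reproduced side by side. The following is an added example, not anaconda's code and not part of the original report; it assumes the Python bindings for libpwquality (module `pwquality`) are installed, and the sample password is constructed.

```python
try:
    import pwquality          # Python bindings for libpwquality
except ImportError:
    pwquality = None          # bindings not installed on this machine


def score(password, minlen, username=None):
    """Return the 0-100 pwquality score, or a 'rejected: ...' string."""
    settings = pwquality.PWQSettings()   # library defaults, no config file read
    settings.minlen = minlen
    try:
        return settings.check(password, None, username)
    except pwquality.PWQError as err:
        # The check refused the password outright (for example, it
        # contains the username or fails the dictionary test).
        return "rejected: %s" % (err.args[-1],)


def compare(password):
    """Score one password the two ways described in the thread."""
    if pwquality is None:
        return None
    return {
        "disk": score(password, 8),          # default minlen, no username
        "root": score(password, 6, "root"),  # minlen forced to 6, username passed
    }


if __name__ == "__main__":
    sample = "kT9#vw2Lq"   # constructed 9-character sample, not from the bug
    result = compare(sample)
    if result is None:
        print("pwquality module not available")
    else:
        for label in sorted(result):
            print(label, result[label])
```

A UI that maps the numeric score to labels such as Weak or Good with fixed cut-offs will show different labels whenever the two scores land on opposite sides of a cut-off.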