Bug 27104 - RFE: Password field in High Security install is too short
Summary: RFE: Password field in High Security install is too short
Status: CLOSED DUPLICATE of bug 24580
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: anaconda   
(Show other bugs)
Version: 7.1
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Brent Fox
QA Contact: Brock Organ
Keywords: FutureFeature
Depends On:
TreeView+ depends on / blocked
Reported: 2001-02-12 02:16 UTC by R P Herrold
Modified: 2007-04-18 16:31 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-04-21 21:45:20 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description R P Herrold 2001-02-12 02:16:09 UTC
High security option as the default looks promising, yet, in
adding root, and initial user account, there is only room for
an 8 character password.  This loses the benefit of long
'line noise' passphrases ...
RFE: Extend password field when High Security to at least 24 characters

Comment 1 Michael Fulbright 2001-02-12 03:46:06 UTC
Doesn't the field scroll when you enter a longer password?

The high security option, btw, only refers to the firewall configuration.

Comment 2 R P Herrold 2001-02-12 04:02:17 UTC
Dunno -- will test.

But if so, it violates the principle of Least Surprise.  The option for
root's password is visibly longer than the 9 char for end users ...

WHY in the world 9 characters ?  This has NO value to a long time
unix admin (who KNOWS passwords are only significant to 8 chars --
makes it look as though you were just sloppy instead of signalling
that passphrases are available)

At least conform both root and end users to the longer value, and
inform that md5 hashed passwords (or whatever) are available.

Comment 3 Daniel Roesen 2001-02-12 15:17:49 UTC
the 8-chars limitation is only for DES crypt(), not for MD5.

Comment 4 R P Herrold 2001-02-12 20:54:58 UTC
"who KNOWS passwords" ... was in 'old hand who stopped learning about
1975' mode ...  Yes, I know ... but the signal sent by a short
password field is that this length is all that will be accepted.
(a ">" at the right margin might signal a scrolling width field).

Comment 5 Daniel Roesen 2001-02-12 21:36:56 UTC
I fully agree.

Comment 6 Brent Fox 2001-02-17 04:46:16 UTC
I'm inclined to agree, however the documentation would have to be changed.
Since the translations are already underway, we can't change things at this
time.  I'm deferring this and I'll put this on our list for a future release.

Comment 7 R P Herrold 2001-02-17 16:31:43 UTC
What about the simple confirmance of displayed field length to the longer value
allowed for root in TUI, compared with end users ... that requires no doco
changes ... it is just visual appearance, and would seem to be able to be rolled
in in 7.1 ?

Comment 8 Brent Fox 2001-02-20 04:18:55 UTC
There's just not time to address non-critical bugs at this time.  Screenshots
are a part of the documentation, and we are in a complete screen freeze.  Deferring.

Comment 9 R P Herrold 2001-03-10 02:17:45 UTC
Did some counting on the TUI install

Root has a field of 24 width, and accepts 23 with no continuation indication

End users offers 10, and takes 9, with no continuation indication ...

--------------I will un-defer once 7.1 goes GOLD to get it changed at once in
the next version cycle.

Comment 10 R P Herrold 2001-04-11 03:48:36 UTC
Re-open for consideration of proposed fix in RH 7.2

Comment 11 Brent Fox 2001-04-21 21:45:15 UTC
We will roll these proposed changes into bug #24580. Thanks for your suggestion.

*** This bug has been marked as a duplicate of 24580 ***

Note You need to log in before you can comment on or make changes to this bug.