Description of problem: When installing RHEL/Fedora (or derivations), you are not permitted to enter passwords of 0-5 characters in length. While I can understand the reason for this, I also feel it shouldn't be forced as so. For example, when installing in a virtual machine, there is no concern of anybody breaking into the VM itself; choosing to use no password at all is a convenience I'm capable of affording. My suggestion is instead to _warn_ users about insecure passwords (much like you warn about erasing an entire disk), but still _allow_ such passwords after a confirmation by the user. Version-Release number of selected component (if applicable): Used CentOS 5.1 How reproducible: 100% Steps to Reproduce: 1. Install operating system Actual results: Blocked from using passwords of 0-5 characters in length. Expected results: At least warned about insecure passwords, but allow. Additional info:
If you install every once and a while (like normal people :), and really feel strongly about having a len(passwd) < 5, you can run `passwd` after installation. I know, I know, its extra work, but its going to be extra work anyway (pushing the "yes Im sure button" to continue install). I just think that the trouble of writing "123123, passwd ; ENTER ; ENTER` is more or less the same as pushing the "I am sure" button. If you have a setup where you have to install a lot of boxes you can put the passwd in the ks file and then run `passwd` in %post. Moreover we are moving towards advising the user to have a "strong" passwd instead of the normal "6 whatever character" one. The strong passwd is not forced on the user, but is strongly suggested. What you suggest goes against this policy and is not recomended Additionally, think of the new users that just push next at the installation and completely miss the warning. They, without knowing, are being exposed to bad things happening in their systems. Finally, IMO there are more negative things than positive in this approach. And considering that there will be very little gain from this change I feel very uncomfortable implementing this it