[PC-BSD Testing] PC-BSD 8.2-RC1 Installation issues
finid at linuxbsdos.com
Wed Jan 12 13:15:07 PST 2011
> Should we enforce password lengths/"complexity"? I'm a fan of the UNIX
> model: Be stupid and expect stupid.
I think it makes plenty of sense to enforce password length. Complexity,
I'm not too worried about, but length, yes (don't let you mind stray from
the topic ;) )!
We should not make it easy for users, especially inexperienced ones, to
install loosely secured systems.
I have a system I installed yesterday where the root passwd is "r" and the
user password is "s." That's just as bad as auto-login.
I'm just happy that Kris has cleaned that bit up. That said, I think a
4-character minimum for user password is to0 low. Six to 8 should be
> IIRC, SSH is disabled in PC-BSD so there shouldn't be too much worry if
a > user prefers 'password'.
I don't think that running a network service is the sole reason for
setting strong passwords. What about protecting physical access?
> On Wed, Jan 12, 2011 at 1:59 PM, Kris Moore <kris at pcbsd.org> wrote:
>> On 01/12/2011 03:25, LinuxBSDos.com wrote:
>>> I just started testing 8.2 RC 1, beginning naturally with the
>>> You may read some of what I've found so far at
>>> Fini Decima
>> Read your postings, Here's what I've changed:
>> * Enforced minimum password length of 6 characters for Disk Encryption
>> * Enforced minimum password length of 4 for root / user accounts
>> As for the other questions about needing a disk password, or additional
>> key files, thats how our geli implementation works right now. The
>> encryption scheme uses a key, which is kept in /boot/keys by default. A
>> password is optional at this point, and if used, then the encryption
>> becomes two-part.
>> The reason we prompt if the user wants to use a password, is because in
>> some cases the user may only want a key file, which they will move to a
>> USB key post-install.
>> Right now I don't feel the need to force FireFox on every user. Some
>> users may prefer Opera or Chromium and can install those via the
>> Software Manager post-install. Thats mostly a preference thing though :)
>> I'm going to check into the Opera License text, see what the deal is
>> there :)
More information about the Testing