Fedora, News & Announcements

Anaconda on root and user account password strengths: Why so strict?

So the third alpha release of what will become Fedora 22 has been released and I’ve managed to download ISO installation images of the main edition, which uses the GNOME 3 desktop, KDE and the Netinstall.

From those installation images, I’ve installed Fedora 22 alpha (GNOME 3), Fedora 22 KDE alpha, and Fedora 22 Cinnamon in virtual environments on my test desktop computer, which just happens to be running Fedora 21 KDE.

So far, I have nothing out of the ordinary to report with respect to the desktops themselves, but I do have a comment about Anaconda, the Fedora system installer.

No, it’s not about all the UX design snafus that Anaconda is known for, but something different. And that something different is password strength enforcement. If you have installed one of the latest alpha releases, I’m sure you know what I’m talking about. If not, here’s what happens when you’re creating a user account and specifying a password for the root account.

Anaconda will not accept a password that’s less than seven characters. And no, a password that’s the same as the username, even if it’s more than seven characters, will not fly. If it contains the username in some form, that won’t fly too. In fact, if it’s deemed weak, Anaconda will not let you go past that step.

And that’s the problem: The definition of weak is too strict. So strict that even a password I use for online banking failed the test. And that’s an alphanumeric password with upper and lowercase letters. I can understand a very strict password enforcement for an online account, but for a desktop, yes, let’s be strict, but leave room for when you don’t really need to be paranoid.

Anybody from Fedora listening?

The image below shows the user setup step during the installation and some of the password strength test fail messages.
Anaconda password strength enforcement

Subscribe to LinuxBSDos.com

Subscribe to receive the latest articles in your Inbox

I agree to have my personal information transfered to MailChimp ( more information )

Trust me, you'll not be spammed...

Please share:

We Recommend These Blockchain Conferences and Servicess

Register now for Blockchain & Decentralized Tech SuperSummit, international conference on blockchain technology in Dallas, TX (USA), April 1 - 4, 2019

Reasons to use control panel for your server

Today's valid web hosting discount codes

Learn how to trade cryptocurrencies using technical and fundamental analyses at BDT SuperSummit

Best binary auto trading software reviews by 7binaryoptions.com

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).


5 Comments

  1. Just hoping Fedora team(s) will read this article.
    =)

  2. Just click on the button twice and anaconda will oblige, weakness of the password not withstanding. 🙂

Leave a Comment

Your email address will not be published. Required fields are marked *

*