Pick a sane default password policy and enforce it across Ubuntu
This came up during Maverick testing. It's become apparent that the default password policy for the installer environment, both Ubiquity AND Debian-Installer, allow for single character passwords and encryption passphrases. For example, my password is now 'a' and the passphrase to decrypt my filesystem is 'b'.
However, once you have installed, a more sane default is used, requiring a minimum of 6 characters and a mix of capitals, lower-case, numbers, etc... and also the standard dictionary checking for simple passwords.
So there's a huge disconnect there, and allowing users to set a single character as their password pretty much makes the whole idea of passwords moot. at that point, you may as well just remove the password requirement all together.
We should pick a standard password default and stick with it across the board. The installer environment should reflect the post-install environment.
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- None
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- None
- Implementation:
-
Unknown
- Milestone target:
- None
- Started by
- Completed by
Whiteboard
No need for a session here. We can work this out via bug 656004. -robbie.w
