[Bug 656004] Re: installers (both ubiquity and d-i) allow single character passwords and encryption passphrases.
Jeff Lane
656004 at bugs.launchpad.net
Tue Sep 12 15:45:42 UTC 2023
** Changed in: been-grubed
Status: Triaged => Invalid
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubiquity in Ubuntu.
https://bugs.launchpad.net/bugs/656004
Title:
installers (both ubiquity and d-i) allow single character passwords
and encryption passphrases.
Status in BEeN GRUBed:
Invalid
Status in ubiquity package in Ubuntu:
Invalid
Status in ubiquity source package in Natty:
Won't Fix
Status in ubiquity source package in Oneiric:
Won't Fix
Bug description:
Binary package hint: ubiquity
It's never occurred to me until reading the warning in Kubuntu's
installer but the installer's user info section warns that passwords
have to be between 1 and 63 characters long.
I understand the need to make things easy for end users, however,
allowing single character passwords is, IMHO a bit TOO lax and is a
security risk. I was able to, using the Kubuntu installer, create a
single letter password using the letter 'a'.
If that's going to be the policy, why do we even bother with passwords
at all?
To manage notifications about this bug go to:
https://bugs.launchpad.net/been-grubed/+bug/656004/+subscriptions
More information about the foundations-bugs
mailing list