On Feb 2, 2015, at 4:26 PM, Les Mikesell lesmikesell@gmail.com wrote:
On Mon, Feb 2, 2015 at 4:17 PM, Warren Young wyml@etr-usa.com wrote:
Let’s flip it around: what’s your justification *for* weak passwords?
You don't need to write them down.
The new rules are:
1. At least 8 characters.
2. Nothing that violates the pwquality rules:
http://linux.die.net/man/8/pam_pwquality
Are you telling me you cannot memorize a series of 8 characters that do not violate those rules?
I’m the first to fight boneheaded “password security” schemes like a required change every N weeks, but this is not that. Spend a bit of time, cook up a really good password, and then use it for the next several years. That amortizes the cost of memorization to near-zero, greatly reducing the drive to write it down in an insecure place.
Or trust some 3rd party password keeper to keep them.
That doesn’t really apply here. Any password you have to type into a GUI is going to have to be something you can memorize. Password managers are for things you access *after* you are logged in.
(Another gripe of mine: this recent trend toward using some “cloud” login as your OS login. Apple, Microsoft, and Google are now all doing this! This perforce requires me to weaken a password with a cloud-sized attack surface (i.e. frackin’ huge) to the point that I can memorize it. Before this change, I was using huge random passwords and 2FA. That doesn’t work any more in a world where the OS now requires my cloud password every time it wants elevated privileges.)
Whereas when 'not weak' is determined by someone else in the middle of trying to complete something, you are very likely to have to write it down.
Presumably you have already worked out a good password, and memorized it.
This change is not going to enforce uniqueness per server.
(Though, if this server will be used via SSH, it might be a good idea to do that anyway. SSH keys — optionally with passphrases — are more secure than even quite a long human-memorizable password. Disable password auth and use keys.)
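As an added illustration of the kind of rule set the thread is arguing about (not code from the list, from pam_pwquality, or from any list member): a small checker that applies the "at least 8 characters" rule together with simplified versions of the checks the pam_pwquality(8) man page describes (palindrome, repeated characters, monotonic sequences, user name in the password, character classes, similarity to the old password). Every threshold other than the 8-character minimum is an assumption chosen for illustration; the real module reads them from pwquality.conf.

```python
"""Password-policy checker modelled on the checks pam_pwquality(8) documents.

Added example for this thread, not pam_pwquality's own code. It applies the
thread's "at least 8 characters" rule plus simplified versions of pwquality's
palindrome, repeat, sequence, user-name, character-class and old-password
similarity checks. All thresholds other than MIN_LEN are assumptions.
"""
from typing import List, Optional

MIN_LEN = 8          # the thread's stated rule
MIN_CLASSES = 3      # assumption: like pwquality's minclass (lower/upper/digit/other)
MAX_REPEAT = 3       # assumption: like pwquality's maxrepeat; 4+ identical chars in a row fail
MAX_SEQUENCE = 4     # assumption: like pwquality's maxsequence; "abcde" / "54321" fail
DIFOK = 1            # assumption: like pwquality's difok; chars in new password absent from old


def char_classes(pw: str) -> int:
    """Count how many of lower/upper/digit/other appear in the password."""
    return sum([
        any(c.islower() for c in pw),
        any(c.isupper() for c in pw),
        any(c.isdigit() for c in pw),
        any(not c.isalnum() for c in pw),
    ])


def longest_repeat(pw: str) -> int:
    """Length of the longest run of one character repeated consecutively."""
    best = run = 0
    prev = None
    for c in pw:
        run = run + 1 if c == prev else 1
        prev = c
        best = max(best, run)
    return best


def longest_monotonic(pw: str) -> int:
    """Length of the longest run whose code points step by exactly +1 or -1."""
    if not pw:
        return 0
    best = run = 1
    direction = 0
    for a, b in zip(pw, pw[1:]):
        step = ord(b) - ord(a)
        if step not in (1, -1):
            run, direction = 1, 0
        elif step == direction:
            run += 1
        else:
            run, direction = 2, step
        best = max(best, run)
    return best


def contains_username(pw: str, username: str) -> bool:
    """True if the user name, or its reverse, appears in the password (case-insensitive)."""
    u = username.lower()
    if len(u) < 3:          # assumption: very short names would match almost anything
        return False
    p = pw.lower()
    return u in p or u[::-1] in p


def too_similar(new: str, old: str) -> bool:
    """Old-password checks: equal ignoring case, a rotation, or too few new characters."""
    n, o = new.lower(), old.lower()
    if n == o:
        return True
    if len(n) == len(o) and n in o + o:      # rotated old password, e.g. "word1" -> "1word"
        return True
    return sum(1 for c in n if c not in o) < DIFOK


def check_password(pw: str, username: str = "", old: Optional[str] = None) -> List[str]:
    """Return the list of policy failures; an empty list means the password is acceptable."""
    reasons = []
    if len(pw) < MIN_LEN:
        reasons.append(f"shorter than {MIN_LEN} characters")
    if char_classes(pw) < MIN_CLASSES:
        reasons.append(f"fewer than {MIN_CLASSES} character classes")
    if pw and pw == pw[::-1]:
        reasons.append("is a palindrome")
    if longest_repeat(pw) > MAX_REPEAT:
        reasons.append(f"more than {MAX_REPEAT} identical consecutive characters")
    if longest_monotonic(pw) > MAX_SEQUENCE:
        reasons.append(f"monotonic sequence longer than {MAX_SEQUENCE} characters")
    if username and contains_username(pw, username):
        reasons.append("contains the user name")
    if old is not None and too_similar(pw, old):
        reasons.append("too similar to the old password")
    return reasons


if __name__ == "__main__":
    # Constructed sample candidates, not real credentials.
    for candidate in ["short", "aaaaaaaa", "abcdefgh", "Ab1--1bA", "Correct-Horse9"]:
        print(repr(candidate), "->", check_password(candidate) or "OK")
```

The point of returning a list of reasons rather than a yes/no is the one the thread raises: a user who is told exactly why a candidate failed can fix it and move on, instead of being stuck mid-task with an opaque "too weak" and reaching for a sticky note.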