On Tue, 2015-02-03 at 14:10 -0600, Les Mikesell wrote: > On Tue, Feb 3, 2015 at 2:03 PM, Always Learning <centos at u64.u22.net> wrote: > > > > Nothing wrong with letting "an expert" preconfigure the system and then, > > after installation, the SysAdmin checking to ensure all the settings > > satisfy the SysAdmin's requirements. > I'd just rather see them applying their expertise to actually making > the code resist brute-force password attacks instead of stopping the > install until I pick a password that I'll have to write down because > they think it will take longer for the brute-force attack to succeed > against their weak code. Very sensible comment. I absolutely agree. Why do the Fedora Bunch think poncing-around with password lengths and composition is more important than extremely strong external security ? There should be a basic defence that when the password is wrong 'n' occasions the IP address is blocked automatically and permanently unless it is specifically allowed in IP Tables. If specifically allowed in IP Tables, there should be a predetermined wait time before another attempt can be made. Simple ! So why does Fedora prefer allowing the hackers unlimited opportunities to brute-force passwords ? -- Regards, Paul. England, EU. Je suis Charlie.