[CentOS] Another Fedora decision

Tue Feb 3 17:37:02 UTC 2015
Les Mikesell <lesmikesell at gmail.com>

On Tue, Feb 3, 2015 at 11:20 AM, Scott Robbins <scottro at nyc.rr.com> wrote:
>>
>> I don't think anybody is missing anything.  "Palindrome" in this context
>> may not be limited to real words; the author may be suggesting that you
>> not pick your password by picking a real word and tacking on its
>> reverse to make a palindrome, e.g., "password1drowssap".
>>
>
> Ah, that makes sense then, thanks.

I think the intent is: "Don't use a password likely to be included in
the list that an attacker would try". Of course if services would
rate-limit the failures by default or at least warn you about repeated
failures and their source, brute-force attacks would rarely succeed.
But fixing the problem doesn't seem to be the point here.

-- 
   Les Mikesell
     lesmikesell at gmail.com