[CentOS] Another Fedora decision

Tue Feb 3 17:48:43 UTC 2015
Valeri Galtsev <galtsev at kicp.uchicago.edu>

On Tue, February 3, 2015 11:37 am, Les Mikesell wrote:
> On Tue, Feb 3, 2015 at 11:20 AM, Scott Robbins <scottro at nyc.rr.com> wrote:
>>>
>>> I don't think anybody is missing anything.  "Palindrome" in this
>>> context
>>> may not be limited to real words; the author may be suggesting that you
>>> not pick your password by picking a real word and tacking on its
>>> reverse to make a palindrome, e.g., "password1drowssap".
>>>
>>
>> Ah, that makes sense then, thanks.
>
> I think the intent is: "Don't use a password likely to be included in
> the list that an attacker would try". Of course if services would
> rate-limit the failures

Which sysadmins do for ages when they configure their machines. And I
don't think any system will ever come from system vendor fully prepared to
serve anything necessary, and tightened to best requirements (which depend
on box designation anyway). So, system vendors can do better, but there
always will be need for you to do your sysadmin's part. Sounds almost like
job security. As one of my friends says: all systems suck, and thanks to
that got our jobs ;-)

Valeri

> by default or at least warn you about repeated
> failures and their source, brute-force attacks would rarely succeed.
> But fixing the problem doesn't seem to be the point here.
>
> --
>    Les Mikesell
>      lesmikesell at gmail.com
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++