[CentOS] Fedora change that will probably affect RHEL

Tue Jul 28 23:46:45 UTC 2015
Warren Young <wyml at etr-usa.com>

On Jul 28, 2015, at 2:46 PM, Chris Murphy <lists at colorremedies.com> wrote:
> 
> My dad will absolutely stop using his iPad if it ever
> requires him to use anything more than 4 numeric digits for his
> password. The iPad never leaves the house.

iPads can’t be coopted into a botnet.  The rules for iPad passwords must necessarily be different than for CentOS.

> the Mac has SSH PKA required.

True, but more on-point here is that OS X ships with sshd disabled by default.  You have to dig into the pref panes and tick an obscurely-named checkbox to enable it.

> Their online services are another
> matter, those I've made very clear they will be strong or they don't
> get to play.

The Apple ID password rules are a fair bit stronger than the libpwquality rules we’ve been discussing here, and have been so for some time:

  https://support.apple.com/en-us/HT201303

Given that recent OS X releases want to use your Apple ID as the OS login credentials, that effectively makes these the OS password quality rules, too.

Fedora is late to the party, and CentOS consequently even later.