On Sun 02 Mar 2014 at 15:27:46 +0000, Debian Bug Tracking System wrote: > > Quoting Brian Potkin (claremont...@gmail.com): > > > d-i says: > > > > > > A good password will contain a mixture of letters, numbers and > > > punctuation and should be changed at regular intervals. > > > > > > Complexity in a password is good and probably unarguable, although > > > length should also be considered to have some importance, Why advise > > > changing it at regular intervals? Why not advocate not imparting it to > > > anyone or not reusing it on other systems? Is there something which > > > causes a good password to degenerate over time? > > > > > > The second part of the advice does not appear to have any technical > > > basis so removing it would be of little consequence. > > It takes a few seconds to find something like this in a search engine: > https://www.schneier.com/blog/archives/2010/11/changing_passwo.html
Thank you; I had read that debatable article before submitting the report. The interesting paragraph begins So in general: you don't need to regularly change the password to your computer . . . The arguments presented there and elsewhere have persuaded me to adopt a policy of changing my login password as frequently as I change the locks on the doors of my house and my car. :) Thanks for all your work with d-i. Regards, Brian. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
