Hi,
today, Red Hat Bugzilla forced me to change my password because apparently a
password of 9 random alphanumeric+symbol characters (1 symbol, 8 mixed-case
alphanumeric) is suddenly no longer considered secure enough. This is
absolutely ridiculous for a bug tracker. It is not like that password is for
a bank account or for a build system (I believe FAS and thus Koji actually
has less stringent password security requirements than that!), so how secure
does the password really have to be?
I have generated a new 20-character random password with "pwgen -s 20 1",
and that is good enough for Bugzilla (but who knows for how long?), but this
is absolutely absurd.
Kevin Kofler
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
