W dniu 14.10.2022 o 03:39, Kevin Kofler via devel pisze:
today, Red Hat Bugzilla forced me to change my password because apparently a password of 9 random alphanumeric+symbol characters (1 symbol, 8 mixed-case alphanumeric) is suddenly no longer considered secure enough. This is absolutely ridiculous for a bug tracker.
This bug tracker is also used to track several other products. Has several bug raports marked as private for security or confidential or other reasons. Fedora is just one of products tracked there.
It is not like that password is for a bank account or for a build system (I believe FAS and thus Koji actually has less stringent password security requirements than that!), so how secure does the password really have to be?
9 characters password in 2022 is considered 'easy breakable' thanks to power of GPUs.
Maybe start using some password manager to generate and store long enough passwords? Or invent easy to remember ones like "I am Kevin Kofler and this is my password#$78"?
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
