Hello Dhiraj, thanks for the report. The passwd utility assumes root
knows best and allows root to set any password to anything no matter how
poor.
You can use the pam_cracklib(8) PAM module to enforce some minimum
quality levels for your passwords when users set their own -- but of
course frustrated users may pick bad passwords this module doesn't know
how to discover.
Thanks
** Information type changed from Private Security to Public Security
** Changed in: shadow (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/1767815
Title:
Can use <space> as a password
Status in shadow package in Ubuntu:
Won't Fix
Bug description:
Hi Team,
I am not sure about this, but thought of reporting tho!.
warmachine@ftw:~$ uname -a
Linux ftw 4.13.0-39-generic #44~16.04.1-Ubuntu SMP Thu Apr 5 16:43:10 UTC
2018 x86_64 x86_64 x86_64 GNU/Linux
However, while creating a user `sudo adduser test` I can keep only
<space's> has my password for test user.
Could someone please look into this and advise me for same. I believe
password must be robust or only <spaces> should not be allowed.
Thank you
DM
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1767815/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
