I haven't verified the bug, but if it exists, I think it does compromise security. If i make a 30-character passphrase, i'm counting on the length of the passphrase to protect me against cracking attempts.
But if my passphrase is "debonair exploits of the daunting carousels" (it isn't, don't worry), a simple dictionary attack will crack my account in shortly. I think this warrants the security flag unless it is clearly documented that passphrases longer than 8 chars are truncated. -- can't create passwords greater then 8 characters https://launchpad.net/bugs/75536 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
