From Fedora Project Wiki

(Remove content. The deprecation notice and the link to the new location is enough.)
 
(4 intermediate revisions by 3 users not shown)
Line 1: Line 1:
{{admon/important|DRAFT|This policy was approved by fesco, but this page needs review, check back later}}
{{admon/important|This page is deprecated| FESCo docs have moved to [https://docs.fedoraproject.org/en-US/fesco/ docs.fp.o] with source hosted in a [https://pagure.io/fesco/fesco-docs pagure repo]. This page is now at https://docs.fedoraproject.org/en-US/fesco/Passphrase_policy/.}}
 
= passphrase policy =
 
Policy for initially setting or changing local passphrases/passwords in Fedora installs.
 
= Introduction =
 
This policy is for applications that set or change passphrases/passwords locally on Fedora installations. One central place for policy for passphrases was desired and that is now in the libpwquality package. This package ships defaults for Fedora as decided by FESCo. Fedora products can override the defaults by creating their own /etc/security/pwquality.conf.d/ configuration file. The local administrators can set their own policy in the master /etc/security/pwquality.conf file.
 
= scope =
 
This policy is only for applications that set or change local passwords/passphrases. It has nothing to do with remote/central authentication stores, which can and do still have their own policies.
 
= summary of defaults =
 
* passwords/passphrases must be at least 8 characters long.
 
* passwords/passphrases must have at least 1 character different from previous existing password/passphrase (if applicable).  
 
* passwords that fail to pass libpwquality should display the failure to the user.
 
* root / admin users should be able to override quality checks (for purposes of this, the installing user is root/admin)
 
* applications may use the libpwquality 'score' to display an analog strength meter to users as an informational tool.
 
= applications covered =
 
* anaconda
 
* passwd / usermod
 
* gnome-initial-setup
 
= references =
 
https://fedorahosted.org/fesco/ticket/1455
 
https://fedoraproject.org/wiki/Changes/Standardized_passphrase_policy
 
[[Category:FESCo policy]] [[Category:Package_Maintainers]] [[Category:Policy]]

Latest revision as of 20:36, 26 May 2021

Important.png
This page is deprecated
FESCo docs have moved to docs.fp.o with source hosted in a pagure repo. This page is now at https://docs.fedoraproject.org/en-US/fesco/Passphrase_policy/.