Bug 146533

Summary: Point out problems with special chars in root password in help text
Product: [openSUSE] SUSE LINUX 10.0 Reporter: Peter Möller <gorgonz>
Component: InstallationAssignee: Jiří Suchomel <jsuchome>
Status: RESOLVED FIXED QA Contact: Klaus Kämpf <kkaempf>
Severity: Enhancement    
Priority: P5 - None CC: aj, kukuk
Version: Final   
Target Milestone: ---   
Hardware: i586   
OS: SuSE Linux 10.0   
Whiteboard:
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Peter Möller 2006-01-29 23:42:32 UTC 
First the facts:
usb drive was connected, while shutdown of the system is running, later removed
booting again, the systems fails to startup for configuration reasions (suppose you call that Runlevel S)
Then your first chance to enter something is the question for the root password. If the password consists of localised special chars, then there is no chance to enter them, because the localisation of the keyboard is a later step of the startup.

A few ideas, what should be solved in 10.0 and later:
- installation should have a question, what language to use in Level S or
- chosen keyboard layout IS the localisation standard of level S
- a bugfix should correct this in running systems

You know the game of reality: Nobody thinks about this nore considers this at installation time. All people get aware of this at the moment, where it is too late :-(

Though its not the best place, i risk a personal question:
if this happens with a windows system, clever users could use scan codes (ALT-GR + digits), if they want to enter special chars. Is there a way under linux, to do the same?
Comment 1 Dr. Werner Fink 2006-01-30 10:56:46 UTC 
AFAIK the question for the language is done.
The handbook also states about what characters
should be choosen for passwword and which
characters should be avoided.
Comment 2 Stefan Hundhammer 2006-01-30 11:05:45 UTC 
We keep getting bug reports where people demand we allow even more characters for passwords. We pointed out this exact problem dozens of times, but we were overruled.

I don't have strong feelings towards this one way or the other, but somebody has to make a decision - and then we need to stick with that decision for some time.

Andreas? Thorsten?
Comment 3 Thorsten Kukuk 2006-01-30 11:10:29 UTC 
The problem is clearly the help text. The help text listed a lot of characters which are difficult to find if you don't have an english keyboard, but does not mention the problems using special characters.

I'm in favor of changing the help text for passwords: Don't list "valid" characters, explain the customer what happens if he use characters not available with an english keyboard.
Comment 4 Stefan Hundhammer 2006-01-30 11:22:06 UTC 
Jiri, Rebecca, please change the help text for the root password (and also for normal users?) to clearly point this out.

But at this stage of the distribution this might be a candidate for LATER.
Comment 5 Rebecca Walter 2006-01-30 11:29:19 UTC 
I'd need the current text to rewrite it.
Later might be the best choice, but I will help now if Jiri wants to fix it now.
Comment 6 Jiří Suchomel 2006-01-30 11:52:02 UTC 
I'm for later (unless someone provides the text).
Comment 7 Jiří Suchomel 2006-01-30 12:40:49 UTC 
later
Comment 8 Jiří Suchomel 2006-07-14 07:29:54 UTC 
reopen yast2-users bugs
Comment 9 Peter Möller 2006-07-19 08:11:03 UTC 
the discussion is done so far. Still I would state to add the information at the dialog, where the user creates the password. Don't forget the initial problem, that users learn too late about this fact ;-)
Comment 10 Jiří Suchomel 2006-07-25 08:31:51 UTC 
So, what would you say about this text?

"For password, use only the letters that can be find on english keyboard, so you are able to log in even when the switch to your keyboard layout fails for some reason."
Comment 11 Peter Möller 2006-07-25 15:31:24 UTC 
Hi Jiri,

yes, the subject is met. Still i would prefer a stronger formulation, could look like this:

Attention:
Use only those letters for your password, that can be used with an english keyboard layout. Otherwise you might fail to login in an emergency situation.
Comment 12 Rebecca Walter 2006-07-26 06:29:52 UTC 
How about something like this:

"For the password, use only characters that can be found on an English keyboard layout.  In cases of system error, it may be necessary to log in without a localized keyboard layout."

I'm not too keen on "emergency situations" because that isn't very clear.  Do you think this wording makes sense?  Am I correct saying characters? My thought is that is also gives the user a hint about thinking about where other characters are located on the US layout as well.
Comment 13 Jiří Suchomel 2006-07-26 07:43:21 UTC 
 Fixed in yast2-users-2.13.21