Bug 157588

Summary: It's possible to enter "*****" five stars as a root's password without any warning
Product: [openSUSE] SUSE Linux 10.1 Reporter: Lukas Ocilka <locilka>
Component: YaST2Assignee: Jiří Suchomel <jsuchome>
Status: RESOLVED INVALID QA Contact: Klaus Kämpf <kkaempf>
Severity: Normal    
Priority: P5 - None    
Version: Beta 7   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Lukas Ocilka 2006-03-13 14:07:09 UTC 
[during the second stage installation]

I guess this is not so secure :) But... who can decide that?
Comment 1 Jiří Suchomel 2006-03-13 14:18:29 UTC 
It isn't possible to do when cracklib is on (/etc/security/pam_pwcheck.conf). 

Thorsten, I thought we used to have cracklib set by default - is this correct?
Comment 2 Thorsten Kukuk 2006-03-13 15:01:26 UTC 
cracklib will only be enabled on the enterprise products, but as long as we share the RPMs with SL this is not possible yet.
Comment 3 Jiří Suchomel 2006-03-13 15:06:32 UTC 
I think it is correct.
You can enforce bigger security and for SLES the security lever is set higher by default.