[Mailman-Users] Can I enforce secure admin passwords?
Mark Sapiro
mark at msapiro.net
Thu Jun 4 01:51:59 CEST 2009
Grant Taylor wrote:
>On 6/3/2009 4:33 PM, Kirke Johnson wrote:
>> What is bothering me is list owners who want to use their initials or
>> the list name as list owner passwords. I feel like kind of a sitting
>> duck when we can't see the passwords they have chosen and have no way to
>> enforce decent choices.
>
>It should be a lot easier to test to see if the password (clear text or
>encrypted) matches known values as compared to testing to see if it's an
>other wise good password. (No dictionary is needed to check against.)
What known values? List name, yes, but the list owner's name, initials,
whatever are not known to Mailman - only her email address.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list