Re: Rejecting weak passwords

"Albe Laurenz" <laurenz.albe@wien.gv.at> wrote:

> Heikki Linnakangas wrote:
> > I think it would better to add an explicit "isencrypted" parameter to
> > the check_password_hook function, rather than require the module to do
> > isMD5 on the password.
> 
> I agree on the second point, and I changed the patch accordingly.
> Here's the latest version.

Looks good. I change status of the patch to "Ready for Committer".

BTW, it might not be a work for this patch, we also need to
reject too long "VALID UNTIL" setting. If the password is
complex, we should not use the same password for a long time.

Regards,
---
ITAGAKI Takahiro
NTT Open Source Software Center