From Fedora Project Wiki


Standardized Passphrase Policy

Summary

Currently a number of places ask users to set passphrases/passwords. Some of them enforce some kind of rules for passphrases/passwords, others different rules. This change would create a common base policy for as many of these applications as possible, allowing for local users or products to override this base in cases they need to do so.

Owner

  • Name: kevin | Kevin Fenzi |
  • Email: <kevin@scrye.com>
  • Name: dcantrell | David Cantrell |
  • Email: <dcantrell@redhat.com>
  • Name: t8m | Tomas Mraz |
  • Email: <tmraz@redhat.com>
  • Release notes owner:

Current status

Detailed Description

We should have a base passphrase/password policy for applications to use. This allows them all to be consistent and also provide our users with needed security. Additionally, we should make it possible for our users to adjust this base policy as they need depending on their use cases.

The applications involved in this change should be at least:

  • anaconda - sets initial root and user passphrases/passwords.
  • passwd - command line utility that changes passphrases/passwords.
  • initial-setup - sets up users if they were not setup in anaconda.
  • libpwquality - doesn't set passwords, but should be used in common for quality checking in a consistent manner.
  • gnome-control-center - manages users in the workstation product.

We should provide a way for users or products to adjust this policy, and also a way to allow overriding it (if the policy allows).

Benefit to Fedora

Users will get a consistent passphrase/password policy, not different ones in multiple places. Users will be able to override that policy ideally in one place. Users will be more secure.

Scope

  • Proposal owners: Will work with owners of these components to try and come up with a generic policy for passphrases/passwords and how to implement it, then get FESCo to approve this policy and then implement it.
  • Other developers: Will need to adjust applications and config to use a common set of requirements that can be overriden in one place.
  • Currently this change is only focusing on local passphrases/authentication, other more global or personal items are out of scope.


  • Release engineering: None
  • Policies and guidelines: Will need to be approved by FESCo and FPC (not a System Wide Change)
  • Trademark approval: N/A (not needed for this Change)

Upgrade/compatibility impact

Existing installs will keep their passwords/passphrases. New changes will use the existing generic policy.


How To Test

1. Set passphrase/password for root or user in anaconda. Confirm that the policy is followed.

2. Set passphrase/password in initial-setup/gnome-initial-setup and Confirm that the policy is followed.

3. Set passphrase/password with passwd and confirm the policy is followed.

4. Change the policy and confirm that all the above conform to the new policy.


User Experience

Users will see a consistent passphrase/password policy and will be able to adjust or override it.

Dependencies

N/A (not a System Wide Change)

Contingency Plan

Keep the current inconsistent passphrase/password policy.

  • Contingency mechanism: Just don't land any changes.
  • Contingency deadline: Beta Freeze
  • Blocks release? No
  • Blocks product? No

Documentation

FESCo approved https://fedoraproject.org/wiki/Passphrase_policy for this Change. More information can be found in fesco ticket https://fedorahosted.org/fesco/ticket/1455

Release Notes