[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Additional KPasswordDialog call
From:       Olivier Goffart <ogoffart () tiscalinet ! be>
Date:       2004-11-16 21:59:29
Message-ID: 200411162259.39043.ogoffart () tiscalinet ! be
[Download RAW message or body]


Le Mardi 16 Novembre 2004 18:59, Andrew Coles a écrit :
> Based on recent discussions on the dot (about KWallet) I propose two
> additional flags that can be passed when invoking a KPasswordDialog:
>
> 1) A minimum acceptable password length
>
> Some passwords need to be more secure than others, so enforcing a minimum
> password length can make sense.  Example: IIRC SUSE demand a minimum 20
> character password in one situation.
>
> 2) The maximum password length that will be kept
>
> Unix passwords are truncated beyond 8 characters so the current password
> strength meter marks for length level off at around 5 characters.  In some
> situations, where the length of password kept is much longer, the password
> strength meter needs to allocate the marks more gradually; e.g. for a 40
> character password, strength marks level off at around, say, 25 (assuming
> that the current 5/8ths of password length ratio is reasonable).
>
> If these are deemed reasonable I'll happily add the extra calls.


And i thought also about adding some warning messages if the user is entering 
a "bad" password according to the strength meter.


[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]