
Re: [cobalt-users] Admin/root password security hole



Jonas Pasche wrote:
> 
> "Basically, the reasoning behind the 16 characters is
> to encourage people to pick secure passwords.  We do realize that Linux
> truncates beyond 8 characters, but it's probably better for users to have
> truncated passwords than to have passwords that are too short."

The reasoning is deeply flawed.  A secure password can be 
made insecure through truncation - e.g. "security5143"
becomes "security".
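
The truncation effect discussed in this thread can be checked before a password is accepted. The following is an added example, not part of the original message or of any Cobalt code: it audits a password as the truncating hash sees it, using the 8-character limit quoted above. The word list, function names, and the `min_classes` threshold are assumptions made for illustration.

```python
import string

TRUNCATE_AT = 8  # limit quoted in the thread: characters past this are ignored

# Constructed sample word list; a real check would load a full dictionary.
COMMON_WORDS = {"security", "password", "letmein", "welcome"}

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def effective(password, limit=TRUNCATE_AT):
    """Return the part of the password that actually reaches the hash."""
    return password[:limit]


def char_classes(text):
    """Count how many character classes (lower, upper, digit, symbol) appear."""
    return sum(1 for group in CLASSES if any(c in group for c in text))


def audit(password, limit=TRUNCATE_AT, min_classes=2):
    """List the weaknesses that truncation introduces for one password."""
    findings = []
    eff = effective(password, limit)
    if len(password) > limit:
        findings.append(f"{len(password) - limit} trailing character(s) ignored")
    if eff.lower() in COMMON_WORDS:
        findings.append("effective password is a dictionary word")
    # The full password meets the variety rule, the truncated one does not.
    if char_classes(eff) < min_classes <= char_classes(password):
        findings.append("character variety lost to truncation")
    return findings


def collisions(passwords, limit=TRUNCATE_AT):
    """Group distinct passwords that a truncating hash cannot tell apart."""
    groups = {}
    for pw in passwords:
        groups.setdefault(effective(pw, limit), set()).add(pw)
    return {k: sorted(v) for k, v in groups.items() if len(v) > 1}


if __name__ == "__main__":
    for candidate in ("security5143", "s3cur1ty"):
        print(candidate, "->", audit(candidate) or "no truncation findings")
    print(collisions(["security5143", "security", "s3cur1ty!x"]))
```

Running complexity rules against `effective(password)` rather than the full string is the point: a policy that validates all 16 typed characters approves passwords whose stored form is far weaker.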