-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Stephan Kulow schrieb: | Am Sonntag, 27. April 2008 schrieb Felix-Nicolai Müller: |> some very bright and all knowing light(s) at novell thought this through |> for us already (to the fullest and absolutely correct extend). What fool |> are you to question those decisions? Don't you see that ubuntu is the |> way to go? It is by far and to utmost certainty the most usable and | | Weren't you the one suggesting to use sudo as secure default without any | root password? I was suggesting to use sudo in order to make the point that this is worse than sudo and _even_ sudo would be the better way to go. | | Please give a reason why this should be different other than "user passwords | are generally way weaker" - especially as you declare with this the exact | reason why it's nonsense to ask for two passwords. Having a weak user password is not the best thing, but it's bearable. Having a weak root password is not a good idea at all. I have a relatively weak user password (as most people do) because it is in fact annoying to type in your 23 character user password each time you want to log in. Depending on how you use sudo, this becomes even more annoying. So it does make sense to ask for two passwords. It makes sense to show the user that there is a root user and that there is a difference between a normal user and root. It makes sense to the ones already knowing there is root to let them know what the root password is. You are focusing on those just clicking next (I assume from the line of your argumentation). But those are exactly the users who do not care about a weak password box. Microsoft has realized that and worked around that in Vista. Security normally comes with a trade off in usability. This is just something the user has to learn instead of being pampered into a dumb state. Why should we make the same mistakes Microsoft has made in the past (and already done away with it)? |The user is much more | likely to accept the "your password is weak" message box if this is the second password. True, but they do not care about the first box either. | | Greetings, Stephan Greetings Felix | --------------------------------------------------------------------- | To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org | For additional commands, e-mail: opensuse-factory+help@opensuse.org | | | -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIFFFcaQ44ga2xxAoRAuLdAKC+B5Xf13Uy2eO85PxPeDeym3MUYgCeJtrv ZLxtj/arSMFeJw7cwYs5llo= =bJmM -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-factory+help@opensuse.org