Barry Warsaw wrote: > I disagree. By reserving password generation to the pydotorg admins, we > can better insure the passwords are more robust against dictionary > attacks. See my previous message. I actually /don't/ want individuals > to be able to set their own passwords. In practice, you only have to > know your password once, because svn caches the authentication (yes, > that opens up opportunities for compromise, but that's how svn works). See Michael's (I think) message: that is a much greater risk than the one of a brute-force attack. In our environment, a determined student could easily read out my home directory, and get at my pydotorg password (if I would allow svn to cache it). They would have to break all kinds of rules in doing so; yet, it would be technically possible - so I just can't turn on this svn setting, and have to type the password every time. This is surely inconvenient, as I cannot even remember the password. Regards, Martin
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4