I like the way UNIX does it (did it?)
You enter a one-character password, UNIX says "oh ho! I don't think so"
You repeat twice.
The third time it just takes it.
I agree -- password restrictions are annoying. We should completely
remove them.
Bill Shannon wrote:
> This issue came up in our discussions of the issues related to removing
> the anonymous user...
>
> I need to change the requirements on password length. Currently
> passwords
> are required to be at least 8 characters. Obviously the new default
> password "" violates that requirement so at the very least I need to
> allow empty passwords or 8+ character passwords.
>
> Ideally, if there were constraints on the password, they would be
> based on
> some pluggable policy, perhaps associated with the realm implementation,
> and enforced on the server (not the client as they are today). I think
> that's work for a future release...
>
> Several people have been supportive of removing all restrictions on
> password
> length. Unless I hear strong complaints otherwise, that's what I plan
> to do.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>