contador web Skip to content

Fedora 32 May Prevent User Creation with Blank Passwords

The possibility that Fedora 32 will no longer allow the creation of local users with blank passwords is being considered.

In order to improve system security, Fedora version 32 promises to eliminate the possibility of creating user accounts with blank passwords.

fedora-32-may-prevent-creating-users-with-blank-passwords

Anyone who has already installed, or even just used, a Linux distribution knows about the username password. That password you need to enter every time before you upgrade your system, install new programs, or even remove them. The formats in which these passwords can be created vary from distro to distro. Some distros allow you to create a password of any number of characters, only giving a warning when it is too short. Others set a minimum number of characters for password creation. Some, such as Fedora, allow you to leave the password field blank. That is, this way your user will not be protected by any password.

So far Fedora is one of those distributions that allows the user to leave the password field blank, which is not recommended for most users, but a very practical option for people who install the system on virtual machines, or from tests. In cases where safety is not such an important factor. In these test systems, not having a user password can greatly increase productivity, if one needs to perform various tasks like program installs and removals and handling system files, not having to enter a password all the time actually causes the user gets a few precious seconds.

However, not having a password also weakens the security of the system. Imagine a situation where a newcomer to the Linux world, with Windows as their home system, decides to install a Linux distribution for the first time. At Windows, at some point during the installation, the user is also asked to create a password if he chooses not to use his Microsoft account, but to create a local user. At this point, you can leave this field blank, and in fact what most users do when performing a new installation of Windows.

With this background in mind, when installing a distro for the first time, if the system allows it, it is very likely that this user also chooses to leave the password field blank, without really knowing the risks that such a choice might pose.

That said, the Fedora 32 development team is considering eliminating the possibility of leaving the password field blank for local account creation. The reason for the decision has not yet been confirmed that there is still the cost vs. benefit of such a change. While security would be slightly improved, implementation would also hurt many users using Fedora as a testing system, and no password to improve your workflow. In your opinion, the possibility of leaving the password blank should or should not be removed from the next version of Fedora? Answer in the comments! Do you like Linux and technology? Got a question or problem you can't solve? Come join our community in the Diolinux Plus!

This is all folks!


See an error or would you like to add any suggestions to this article? Collaborate, click here.