bin/58877: passwd unnecessarily rejects lowercase passwords

[James Cook <falsifian%falsifian.org@localhost>]

>Number:         58877
>Category:       bin
>Synopsis:       passwd unnecessarily rejects lowercase passwords
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Thu Dec 05 23:00:00 +0000 2024
>Originator:     =09
>Release:        NetBSD 10.0
>Organization:
James
>Environment:
System: NetBSD ucl.h.falsifian.org 10.0 NetBSD 10.0 (GENERIC) #0: Thu Mar 2=
8 08:33:33 UTC 2024 mkrepro%mkrepro.NetBSD.org@localhost:/usr/src/sys/arch/amd64/comp=
ile/GENERIC amd64
Architecture: x86_64
Machine: amd64
>Description:
        I prefer to use a randomly-generated all-lowercase password.
        When I supply it to passwd, the session goes like this:

		$ passwd
		Changing password for falsifian.
		Old Password:
		New Password:
		Retype New Password:
		Please don't use an all-lower case password.
		Unusual capitalization, control characters or digits are suggested.
		New Password:
		Retype New Password:

        For me personally this "don't use an all lower-case password"
        rule is annoying and unhelpful. (12 randomly-generated
        characters is fairly secure IMO.)

        I guess the point is to encourage higher-entropy passwords,
        but I don't know that works.

	I brought this up on IRC and it was suggested I file a PR.

        (If the current behaviour is kept, at least the first "Retype
        New Password:" prompt should be skipped to save the user
        some time.)
>How-To-Repeat:
        Run the passwd command. Enter an all-lowercase password
        when prompted for a new password, and the same one again
        when prompted to retype.
>Fix:
	Just enter the all-lowercase password again after the nag.