Security Basics mailing list archives
RE: Password creating Theories
From: "dave kleiman" <dave () isecureu com>
Date: Wed, 16 Nov 2005 14:39:09 -0500
Saqib, I have been tasked with tech-editing the book (with Mark that is fairly easy job). I feel one of the great benefits to this book is Mark has explained things in a way the most novice of users can understand. Now there are some chapters that are for the Admin type users where he goes into Rainbow tables and such. However, this is book to help ease the Admins job, you as an Admin could give this book to your end users and they would begin to "see the light" of what you are trying to accomplish in a password policy. Additionally, it may help some of the super-techie Admins understand why the end user was not grasping the concept. An example: 1 of many cool methods Mark uses to show the affect of password length, is using the old Bicycle Combination locks, you know the old 3 digit ones we all had or saw as kids, and how long it would take to crack, as opposed to one with just 1 or 2 more digits. All I can say is a spent about 3 hours out in the garage.... It is a fun and excellent book. (Note: I do not get a dime for any sales of the book) Dave -----Original Message----- From: Andrew Williams [mailto:Andrew () Syngress com] Sent: Tuesday, November 15, 2005 16:35 To: Saqib Ali Cc: Jennifer Fountain; security-basics () securityfocus com Subject: RE: Password creating Theories When I first started discussing the book with the author (Mark Burnett), I thought a whole book on the topic seemed a bit much as well. But, the more I saw of Mark's manuscript, the more intrigued/interested I became in the idea. The book is relatively short, 200 pages total. So, we realized this couldn't be a door stop. The book is for both sys admins/infosec pros as well as users. One of the book's primary goals is to provide admins w/ strategies and polices they can convey to their users so that users will consistently create strong passwords that they can actually remember as well. It is also kind of a fun read with interesting facts, stats, etc.; like the 500 worst passwords of all time, etc. Best, A > -----Original Message----- > From: Saqib Ali [mailto:docbook.xml () gmail com] > Sent: Tuesday, November 15, 2005 4:18 PM > To: Andrew Williams > Cc: Jennifer Fountain; security-basics () securityfocus com > Subject: Re: Password creating Theories > > having a whole book dedicated to Password building seems an > overkill.... > > who will be the target audience?- > > On 11/15/05, Andrew Williams <Andrew () syngress com> wrote: > > We're actually about to publish a book on ideas/strategies for > > building passwords and password policies. We have a sample chapter > > available on > > In Peace, > Saqib Ali > http://www.xml-dev.com/blog/ > Consensus is good, but informed dictatorship is better. >
Current thread:
- Re: Password creating Theories, (continued)
- Re: Password creating Theories Gaddis, Jeremy L. (Nov 16)
- Re: Password creating Theories Ansgar -59cobalt- Wiechers (Nov 16)
- Re: Password creating Theories Justin (Nov 16)
- Re: Password creating Theories Steve.Cummings (Nov 15)
- RE: Password creating Theories dave kleiman (Nov 16)
- RE: Password creating Theories Andrew Williams (Nov 15)
- Re: Password creating Theories Saqib Ali (Nov 16)
- FW: Password creating Theories Christopher Carpenter (Nov 16)
- Re: FW: Password creating Theories Jonathan Loh (Nov 21)
- RE: Password creating Theories Andrew Williams (Nov 16)
- RE: Password creating Theories dave kleiman (Nov 16)
- RE: Password creating Theories David Fiore (Nov 21)
- RE: Password creating Theories dave kleiman (Nov 16)
- RE: Password creating Theories dave kleiman (Nov 16)
- Re: Password creating Theories Neksus (Nov 16)
- RE: Password creating Theories Bob Kurth (Nov 16)
- Password creating Theories underwood-de (Nov 17)
- RE: Password creating Theories Andrew Williams (Nov 21)