Security Basics mailing list archives
Re: Bank Of Montreal Online Security
From: "Alexander A. Kelner" <a.kelner () noc brsi ru>
Date: Thu, 1 Nov 2012 22:23:38 +0400 (MSK)
On Thu, 1 Nov 2012, Juan F. Campos - Computalleres.com wrote:
Date: Thu, 01 Nov 2012 08:57:10 -0600 From: Juan F. Campos - Computalleres.com <jfcampos () computalleres com> To: security-basics () securityfocus com Subject: Re: Bank Of Montreal Online Security Resent-Date: Thu, 1 Nov 2012 08:57:07 -0700 (PDT) Resent-From: security-basics-return-58253-a.kelner=noc.brsi.ru () securityfocus com On 10/31/2012 02:49 PM, Alexander A. Kelner wrote:On Wed, 31 Oct 2012, Dave Kleiman wrote:Date: Wed, 31 Oct 2012 09:26:30 -0500 From: Dave Kleiman <dave () davekleiman com> To: "security-basics () securityfocus com" <security-basics () securityfocus com> Subject: RE: Bank Of Montreal Online Security Resent-Date: Wed, 31 Oct 2012 09:07:10 -0700 (PDT) Resent-From: security-basics-return-58248-a.kelner=noc.brsi.ru () securityfocus com Alexander, >>> Which password length is more secure - that is a question.<<< If you used the above statement, just as you typed it, as your password (passphrase), would it not both much stronger than 6 characters and very easy to remember?Hi Dave! Yes, it's very easy to remember, but I think this method for password setting is not as strong as it may appears :-) The phrase "Which password length is more secure - that is a question" contains not 58 "random chars", but 11 only, because each word must be considered as a single symbol in the vocabulary, say for brute force attack.Yet it is possible to have a "single symbol" that is hard to guess/crack. You can associate a phrase that include random chars and is easy to remember. Please take a look over here (Sophos - Choosing a Strong Password) http://www.youtube.com/watch?v=VYzguTdOmmU
IMHO it's more easy to remember 8 random chars then perform lots of manipulations every time when you need to restore your password :-)
....If you bring some order (the way for easy memorizing) into your password you decrease it's strength. Well, and now try to type above phrase in invisible mode and don't make mistake :-) Though, IMHO six chars passwords are too short. I like at least 8 :-)-- Best regards, Juan F. Campos | PGP Key ID: 0xDB880578 ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
--- Alexander A. Kelner Senior engineer CT Network Operation Center RosTelecom - Bryansk ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- RE: Bank Of Montreal Online Security Globalart4u Enquiries (Nov 01)
- <Possible follow-ups>
- Re: Bank Of Montreal Online Security Alexander Meesters (Nov 01)
- Re: Bank Of Montreal Online Security Davin Enigl (Nov 01)
- RE: Bank Of Montreal Online Security Hough, Kenneth P (Nov 01)
- RE: Bank Of Montreal Online Security Alexander A. Kelner (Nov 01)
- Re: Bank Of Montreal Online Security Michael Peppard (Nov 01)
- Re: Bank Of Montreal Online Security Davin Enigl (Nov 02)
- RE: Bank Of Montreal Online Security Mike Vella (Nov 02)
- Re: Bank Of Montreal Online Security Alexander A. Kelner (Nov 01)
- Re: Bank Of Montreal Online Security Davin Enigl (Nov 02)
- Re: Bank Of Montreal Online Security Davin Enigl (Nov 02)
- Re: Bank Of Montreal Online Security Davin Enigl (Nov 04)
- RE: Bank Of Montreal Online Security Ken Schaefer (Nov 23)
- Re: Bank Of Montreal Online Security Nathan V (Nov 26)