Educause Security Discussion mailing list archives
Re: Password entropy
From: Roger Safian <r-safian () NORTHWESTERN EDU>
Date: Thu, 20 Jul 2006 08:20:31 -0500
At 04:55 PM 7/19/2006, Valdis Kletnieks put fingers to keyboard and wrote:
On Wed, 19 Jul 2006 14:51:25 CDT, Roger Safian said:BTW - I should also say that I am pretty sure that most users will find it easier to type words rather than a mixture of characters, although I have no real proof to back that up.An important consideration here is that a string of words is easier to type, which means that the typing speed goes up. It's much harder to shoulder-surf a 10 word passphrase from somebody typing at 40wpm than it is to shoulder-surf 10 random letters from the same somebody who has dropped to near hunt-n-peck speeds because the letters don't form a "natural" sequence. I know *I* can type the first 10 words of Styx's "This Old Man" from the Crystal Ball album a lot faster than I can do the whole "This starts with T, Old starts with O, then M, H, T, M, M, T, T, U...."
Absolutely. IMO, I think we have spent to much energy focusing on the strength of the passphrase instead of the user experience. -- Roger A. Safian r-safian () northwestern edu (email) public key available on many key servers. (847) 491-4058 (voice) (847) 467-6500 (Fax) "You're never too old to have a great childhood!"
Current thread:
- Re: Password entropy, (continued)
- Re: Password entropy Roger Safian (Jul 19)
- Re: Password entropy Roger Safian (Jul 19)
- Re: Password entropy Roger Safian (Jul 19)
- Re: Password entropy David Gillett (Jul 19)
- Re: Password entropy Roger Safian (Jul 19)
- Re: Password entropy scott hollatz (Jul 19)
- Re: Password entropy Valdis Kletnieks (Jul 19)
- Re: Password entropy Dave Koontz (Jul 19)
- Re: Password entropy Basgen, Brian (Jul 19)
- Re: Password entropy Basgen, Brian (Jul 19)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Graham Toal (Jul 20)
- Re: Password entropy Valdis Kletnieks (Jul 20)
- Re: Password entropy Basgen, Brian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Basgen, Brian (Jul 20)
- Re: Password entropy Harold Winshel (Jul 20)
(Thread continues...)