Firewall Wizards mailing list archives
Re: Stanford break in
From: Adam Shostack <adam () homeport org>
Date: Thu, 22 Apr 2004 17:24:28 -0400
On Thu, Apr 22, 2004 at 10:47:10AM -0700, Chuck Vose wrote: | Thank you, this was part was especially enlightening. I wonder, I've | read about password generation programs that are supposed to make this | process less painful. In addition to following the guidelines of 7:1:1 | passwords they put in a clever key like ilfb67v = i like fuzzy bunnies, | your birthyear, first letter of last name. Or, as that adds guessable | info which takes the password down to 4 characters in reality, just | something like the I like fuzzy bunnies (only 7 characters long with a | number and a special character.) | | Anyone had any experience with this sort of thing? There's a writeup in Anderson's security engineering which is well worth reading. I'm not summarizing because, well, it's well worth reading. ;) Adam _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Stanford break in, (continued)
- RE: Stanford break in R. DuFresne (Apr 22)
- RE: Stanford break in Chuck Vose (Apr 22)
- RE: Stanford break in Paul D. Robertson (Apr 22)
- RE: Stanford break in Victor Williams (Apr 22)
- RE: Stanford break in R. DuFresne (Apr 22)
- RE: Stanford break in Carric Dooley (Apr 23)
- RE: Stanford break in Victor Williams (Apr 23)
- Re: Stanford break in mlh (Apr 23)
- Re: Stanford break in Luca Berra (Apr 23)
- Re: Stanford break in Adam Shostack (Apr 22)
- Re: Stanford break in Carric Dooley (Apr 23)
- Passwords (was: Stanford break in) Ben Nagy (Apr 23)
- RE: Stanford break in Carric Dooley (Apr 23)
- RE: Stanford break in Paul D. Robertson (Apr 23)
- RE: Stanford break in Vin McLellan (Apr 26)