funsec mailing list archives
Re: While we're all trying to fix politics, economics, etc.
From: Charlie Derr <cderr () simons-rock edu>
Date: Tue, 05 Feb 2013 13:44:25 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/05/2013 01:20 PM, Valdis.Kletnieks () vt edu wrote:
On Tue, 05 Feb 2013 12:49:44 -0500, Rich Kulawiec said:I have a question. Please to consider the following candidate password: S.3-t=2ga+Zilg59CEkp4 I'm curious as to how y'all would classify that on a scale of weak-to-strong.The answer is "it depends". It's a "strong" password if your threat model includes rainbow tables and dictionary attacks and brute force. It's a "insanely weak" password if your thread model includes keystroke loggers and people spotting the post-it note on the monitor.
Aren't all passwords "insanely weak" for threat models that include keystroke loggers and spotting the post-it on the monitor? ~c -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJREVMJAAoJELuLPXMxqTZ/q9sP/RpsJ48LeXFe9nt2wtbp9vQE Y0GWmnLatJDdSX8Q+zHZXAEF2kY5MoxbOkoREh3ZlnFa54pzEN2fMzhOpRBuKnAN dLD7XDXAEP5Y3QNsxpRiiaXZ9ytP2QLh8yNYShQfjXKIdLh5rOjZsCHYhTJqGSKm nL69CvJkvNTMtqFzN9csXs7X8lvFZlKuhYjGUIU5h7Zh6KO9AW/vDCbLUZ9bZoaU vsvq0EheiYV5WDru/48bKJ5HSf28VtGBGAXoGzqPwPFQq5DBK8bFh6TKRmK8rZxB MeUzexk2PKimfjA0aIXZFR6/RBmdDNwCIthaUQzgH2bWBWYnW2Ia+olBZJ3xRPnT 4h94Z5QaK53lziGrg/y0T8HxQX2r6jBav9R/0ivzTZa3r+ylNNaXlNObsUwE30eI HvxqIJFCUmhrZbXqo7pIobtG3jtYsSrI2xO6GW+s4Yk93CfEq+olehYXtsSVV9/g V/FwEr1FU1pCmPNrvkcj+9jIwaxK9XAxYyXJz0t2z7EPZIW15Aos+lWf4J2oYpsL YAhNwHJL+dDDSz+vZ8VhE3n8+ySalZJfBE/x2yBOAvvBen7chBpwhI2i+ZDPjmPC x13OKV1ZdWPl7mO3UV1f2GV9dZ6s+HTdW46JAIZgOlubCZFKDFU3N+kbkIovbAMW WpzcXfG0wVm5HUbLXvX4 =XXYL -----END PGP SIGNATURE----- _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- While we're all trying to fix politics, economics, etc. Rich Kulawiec (Feb 05)
- Re: While we're all trying to fix politics, economics, etc. Valdis . Kletnieks (Feb 05)
- Re: While we're all trying to fix politics, economics, etc. Charlie Derr (Feb 05)
- Re: While we're all trying to fix politics, economics, etc. Jeffrey Walton (Feb 05)
- Re: While we're all trying to fix politics, economics, etc. Les Bell (Feb 05)
- Re: While we're all trying to fix politics, economics, etc. Valdis . Kletnieks (Feb 05)
- Re: While we're all trying to fix politics, economics, etc. Charlie Derr (Feb 05)
- Re: While we're all trying to fix politics, economics, etc. Paul Ferguson (Feb 05)
- Re: While we're all trying to fix politics, economics, etc. Blanchard, Michael (InfoSec) (Feb 05)
- Re: While we're all trying to fix politics, economics, etc. Jeffrey Walton (Feb 05)
- Re: While we're all trying to fix politics, economics, etc. Rich Kulawiec (Feb 06)
- Re: While we're all trying to fix politics, economics, etc. Blanchard, Michael (InfoSec) (Feb 06)
- Re: While we're all trying to fix politics, economics, etc. Valdis . Kletnieks (Feb 05)