Security Basics mailing list archives
Re: passwords
From: "jl" <jl () vidcrew4u net>
Date: Wed, 19 Feb 2003 16:25:13 -0600
I've learned to rely on a little windows program that seem to fit our password needs. I've been, and still am, the 30 day believer for good security at the desktop. The programs that we use to generate these passwords are small, free, and very flexible in the results that you want from your generation needs. We simply generate a random list of passwords that are available for distribution. We insert the first XYZ set of numbers for IT to use as departmental, personnel, or divisional markers, and then use the program to generate our list. We do this quarterly, so that we always have enough passwords generated for a designated area on hand. For those that are password immune, (meaningg refuse to comply with change requirements) we've come to rely on these programs random generating capabilities to help with quick passwords that these people seem to be able to live with. ========= These programs are: Maskingpassword generator. Shareware, $10.00 us to buy. You can take a look at it at: http://www.accusolve.biz/ OVERVIEW: Generate random passwords or numbers based on any conceivable pattern. The program can be run in the System Tray, so passwords can be generated from within any Windows application by pressing a user-defined or default key combination. This version features random-length passwords and character set customization and the second program: Pins. Freeware, you can't beat that. http://www.mirekw.com/ OVERVIEW: PINs stores data with the 448-bit Blowfish algorithm. PINs can be safely run even on a public computer. It can also run directly from a floppy without any installation. Features include: Unlimited entries and data files Tree-like data organization allows logical grouping of systems and accounts Safe files wiping using Gutmann, DoD and custom methods ===== I'm not a big believer in desktop storage with pins, but if you're deploying self governed password generation, it's not a bad way to go. It's also very simple to use, and can run from a floppy if needed. On Tue, 18 Feb 2003 15:13:36 -0500 (EST), multics () ruserved com wrote:
Only if you are sure they are selecting good passwords. It also depends on how secure your network is and the access path between the users and the mail server. If users are writing down or choosing insicure passwords due to problems remembering the new ones then you may be introducing more problems then you are solving.Hello all, one of the favorite subjects in my company seems to be the strength of passwords. We force our users to change their mail password every 90 days. Does this make sense? Why? -- ullmic-- Richard Shetron multics () ruserved com multics () acm rpi edu NO UCE What is the Meaning of Life? There is no meaning, It's just a consequence of complex carbon based chemistry; don't worry about it The Super 76, "Free Aspirin and Tender Sympathy", Las Vegas Strip.
Current thread:
- passwords ullmic6 (Feb 18)
- RE: passwords Robert Sieber (Feb 19)
- RE: passwords Jeff Harris (Feb 20)
- Re: passwords simsjs (Feb 19)
- Re: passwords multics (Feb 19)
- Re: passwords jl (Feb 20)
- Re: passwords Ross Nelson (Feb 19)
- RE: passwords Tim V - DZ (Feb 19)
- <Possible follow-ups>
- Re: passwords eer7y3n0h (Feb 19)
- Re: passwords Chris Berry (Feb 19)
- RE: passwords Robinson, Sonja (Feb 19)
- RE: passwords Vince Dang (Feb 20)
- RE: passwords Chris Berry (Feb 20)
- Re: passwords Chris Berry (Feb 20)
- RE: passwords Shanna Daly (Feb 20)
- RE: passwords Trevor Cushen (Feb 20)
(Thread continues...)
- RE: passwords Robert Sieber (Feb 19)