Security Basics mailing list archives
RE: Suggested "safe" password length
From: "Chris Berry" <compjma () hotmail com>
Date: Fri, 14 Nov 2003 14:25:48 -0800
From: Ashish Sharma [mailto:ashishs () iitg ernet in] I wanted to have an idea about what should be the suggested range of password lengths and if there is any upper bound. I was told that there is a range upto which your password is encrypted and beyond which the characters are futile. I work on a linux environment with md5 encryption of passwords enabled.From: "Michael LaSalvia" <mike () genxweb net> Many people say 8 or more but I have read some where that multiples of 7 are the best to use. It may have been in a class or something I heard that.
If you were using the old DES encrypted ones exactly eight characters is best, for md5 anything reasonably complex should be fine. You want passwords to be as memorable as possible, their complexity should be in direct relation to how long people are allowed to keep them.
Chris Berry compjma () hotmail com Systems Administrator JM Associates"Ok, so the servers are down, the lights are out, and all I have to work with is a roll of duct tape, a ball point pen, a lighter, and a twenty year old copy of emacs. Where's the problem?"
_________________________________________________________________Is your computer infected with a virus? Find out with a FREE computer virus scan from McAfee. Take the FreeScan now! http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
--------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCEThe Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- Re: Suggested "safe" password length, (continued)
- Re: Suggested "safe" password length Alessandro (Nov 16)
- Re: Suggested "safe" password length Tomas Wolf (Nov 17)
- Re: Suggested "safe" password length Steve (Nov 17)
- Re: Suggested "safe" password length Patrick M Darienzo Jr (Nov 16)
- RE: Suggested "safe" password length dave kleiman (Nov 17)
- RE: Suggested "safe" password length JohnNicholson (Nov 16)
- RE: Suggested "safe" password length Ben Cain (Nov 17)
- RE: Suggested "safe" password length dave kleiman (Nov 17)
- RE: Suggested "safe" password length Smith, KC (Nov 16)
- Re: Suggested "safe" password length Simon Gray (Nov 17)
- RE: Suggested "safe" password length Chris Berry (Nov 17)
- Re: Suggested "safe" password length Rodrigo Otaviano (Nov 17)
- RE: Suggested "safe" password length Inlow, Richard N (Nov 17)
- RE: Suggested "safe" password length CHRIS GRABENSTEIN (Nov 17)
- RE: Suggested "safe" password length CHRIS GRABENSTEIN (Nov 17)
- Re[2]: Suggested "safe" password length Vishal (Nov 17)
- RE: Suggested "safe" password length Kenneth Buchanan (Nov 18)
- Re: Suggested "safe" password length No God (Nov 20)
- RE: Suggested "safe" password length Chris Berry (Nov 20)
- Re: Re[2]: Suggested "safe" password length Chris Berry (Nov 21)
- Re[4]: Suggested "safe" password length Vishal (Nov 23)