Security Basics mailing list archives

RE: Suggested "safe" password length


From: "Chris Berry" <compjma () hotmail com>
Date: Fri, 14 Nov 2003 14:25:48 -0800

From: Ashish Sharma [mailto:ashishs () iitg ernet in]
I wanted to have an idea about what should be the suggested range of
password lengths and if there is any upper bound.
I was told that there is a range up to which your password is
encrypted and beyond which the characters are futile. I work on a Linux
environment with md5 encryption of passwords enabled.

From: "Michael LaSalvia" <mike () genxweb net>
Many people say 8 or more but I have read somewhere that multiples
of 7 are the best to use. It may have been in a class or something I
heard that.

If you were using the old DES-encrypted ones, exactly eight characters is best; for md5, anything reasonably complex should be fine. You want passwords to be as memorable as possible; their complexity should be in direct relation to how long people are allowed to keep them.

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"Ok, so the servers are down, the lights are out, and all I have to work with is a roll of duct tape, a ball point pen, a lighter, and a twenty year old copy of emacs. Where's the problem?"
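
An added example, not part of the original posts: it shows why characters past the eighth are "futile" under traditional DES crypt(3), which keys on the low 7 bits of the first 8 bytes only, and how to spot shadow entries still in that format so they can be moved to md5. The function names and the sample shadow lines are constructed for illustration.

```python
import re

# Traditional crypt(3) field: 2 salt characters + 11 hash characters, no "$" prefix.
DES_FIELD = re.compile(r"^[./0-9A-Za-z]{13}$")

def des_effective_key(password: bytes) -> bytes:
    """Return the only input DES crypt keys on: low 7 bits of the first 8 bytes."""
    return bytes(b & 0x7F for b in password[:8].ljust(8, b"\0"))

def scheme(hash_field: str) -> str:
    """Classify the second field of a shadow entry by its hash format."""
    if hash_field.startswith(("!", "*")):
        return "locked"
    if hash_field.startswith("$1$"):
        return "md5-crypt"
    if DES_FIELD.match(hash_field):
        return "des-crypt"
    return "other"

def accounts_on_des(shadow_lines):
    """List users whose hash is DES crypt, i.e. truncated at 8 characters."""
    hits = []
    for line in shadow_lines:
        fields = line.strip().split(":")
        if len(fields) >= 2 and scheme(fields[1]) == "des-crypt":
            hits.append(fields[0])
    return hits

# Constructed sample entries (hash strings are made-up placeholders, not real hashes).
SAMPLE_SHADOW = [
    "olduser:abJnggxhB/yWI:12000:0:99999:7:::",
    "newuser:$1$saltsalt$qjXMvbEw8oaL.CzflDtaK/:12300:0:99999:7:::",
    "daemon:*:12000:0:99999:7:::",
]

if __name__ == "__main__":
    # Everything after the eighth character is ignored under DES crypt.
    print(des_effective_key(b"correcthorse") == des_effective_key(b"correcth"))
    # The high bit is dropped too: Latin-1 0xE9 keys the same as "i" (0x69).
    print(des_effective_key(b"caf\xe91234") == des_effective_key(b"cafi1234"))
    print(accounts_on_des(SAMPLE_SHADOW))
```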
