Security Basics mailing list archives

Re: proper password handling


From: "Gregory Rubin" <grrubin () gmail com>
Date: Fri, 6 Oct 2006 12:07:45 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I try to use passphrases and find them much easier to remember than
standard passwords, but unfortunately some of the systems that I'm on
enforce specific length passwords (such as eight characters).

The solution that I've used (which won't work for everyone) is to take
a foreign word, mis-transliterate it, and then mix in symbols.

Example:
Konichiwa (Japanese word roughly meaning "hello")
koneciva
k0N3c!V@ <= Password

While the result may not be truly random, it's pretty good and isn't
too difficult to remember because you just need to remember
"Konichiwa" and the password will return to mind.

Greg
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (MingW32) - WinPT 0.11.9
Comment: http://rubin.desktop:8888/greg_rubin.asc - Amazon Internal Access Only

iD8DBQFFJqlu5KDU23nQpRcRAmNNAJ9j/v6ICYcLVnlEzO+hxL/eCR6tBgCg3z50
Q0P0WfFalSYN6jTw8bNS+o8=
=wpaR
-----END PGP SIGNATURE-----


On 5 Oct 2006 19:42:24 -0000, krymson () gmail com <krymson () gmail com> wrote:
While I do like Bruce's idea and find that quite acceptable, you can also use passphrases that are not terrible to remember and can be secure enough.
