Educause Security Discussion mailing list archives

Re: Password Cracking & Consequences

From: Scott Bradner <sob () HARVARD EDU>
Date: Fri, 27 Aug 2004 14:16:15 -0400

Not with compromised desktops and phishing attacks around.


so changing forcing a passwd change reduces the window of vulnerability
so if an attack lags the interception of the password by a long time
changing the password helps - but if the attack comes soon after
the compromise changing the passwd does nothing useful

Scott

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

Re: Password Cracking & Consequences, (continued)
- Re: Password Cracking & Consequences Theresa M Rowe (Aug 27)
- Re: Password Cracking & Consequences Gary Flynn (Aug 27)
- Re: Password Cracking & Consequences Eric Pancer (Aug 27)
- Re: Password Cracking & Consequences Christian Wilson (Aug 27)
- Re: Password Cracking & Consequences Justin Azoff (Aug 27)
- Re: Password Cracking & Consequences Scott Bradner (Aug 27)
- Re: Password Cracking & Consequences Scott Bradner (Aug 27)
- Re: Password Cracking & Consequences Gary Flynn (Aug 27)
- Re: Password Cracking & Consequences Gary Flynn (Aug 27)
- Re: Password Cracking & Consequences Michael Mills (Aug 27)
- Re: Password Cracking & Consequences Scott Bradner (Aug 27)
- Re: Password Cracking & Consequences Michael Mills (Aug 27)
- Re: Password Cracking & Consequences Michael Mills (Aug 27)
- Re: Password Cracking & Consequences Mike Austin (Aug 27)
- Re: Password Cracking & Consequences Davis, Thomas R. (Aug 27)
- Re: Password Cracking & Consequences Gary Flynn (Aug 27)
- Re: Password Cracking & Consequences Gary Flynn (Aug 27)
- Re: Password Cracking & Consequences Michael Mills (Aug 27)
- Re: Password Cracking & Consequences Cal Frye (Aug 28)
- Re: Password Cracking & Consequences Jere Retzer (Aug 28)
- Re: Password Cracking & Consequences Brian Eckman (Aug 29)

(Thread continues...)