Firewall Wizards mailing list archives
RE: "Proactive" Password Checking
From: bhe () it aarhus dk
Date: Fri, 12 Nov 1999 09:41:02 +0100
"Eric Toll" <etoll () syracusesupply com> wrote:
Just read this password checking thread and a lot of you seem to say, some things which seem a bit strange to me. A complex password does not have to be something like "$5dsdDe%AzW3q" this is hard to crack and hard to remember. (users forgetting or writing it down) Now consider the password "maryhadalittlelamb" hard to crack, easy to remember, not a problem for dictionary crackers. Just tell users to put a few words _together_ for security, like their favorite song lyric or something.
You have to consider the redundancy in english (which is about 50% IIR). So a random password with x characters is as secure as a password in english with 2x characters! -- |mvh Bjørn Hee |Århus Kommunes IT-afdeling |
Current thread:
- RE: "Proactive" Password Checking, (continued)
- RE: "Proactive" Password Checking daN. (Nov 15)
- Re: "Proactive" Password Checking Eric Toll (Nov 10)
- Re: "Proactive" Password Checking Rick Smith (Nov 11)
- Re: "Proactive" Password Checking Eric Budke (Nov 14)
- Message not available
- Re: "Proactive" Password Checking Eric Budke (Nov 17)
- Re: "Proactive" Password Checking Rick Smith (Nov 11)
- Re: "Proactive" Password Checking Rick Smith (Nov 14)
- RE: "Proactive" Password Checking Andreas Gunnarsson (Nov 14)
- Re: "Proactive" Password Checking Dorian Moore (Nov 14)
- Re: "Proactive" Password Checking Joseph S D Yao (Nov 17)
- Re: "Proactive" Password Checking Joseph S D Yao (Nov 17)