Firewall Wizards mailing list archives
Re: "Proactive" Password Checking
From: Alec Muffett <alecm () coyote uk sun com>
Date: Fri, 05 Nov 1999 16:38:40 +0000
At 06:19 AM 11/3/99 -0800, Jim Raykowski wrote: If you really, really want to have hard to crack passwords and you want to avoid having them in writing, then leave passwords in place for a year or more at a time. That gives people a chance to memorize them. Once memorized, the pieces of paper will start to disappear, reducing the risk of one being found.
FWIW I have stopped telling people not to write passwords down, in favour of telling them to select (or have forced upon them) very complex passwords, and telling them to write them down and keep the paper safe if needs be. This will remain my policy until crypt(3) is dead and replaced by *ubiquitous* MD5 (or better) with passphrase capability. The crypt(3) keyspace is too damned small. Ask me offline. This is widely off-topic, so I shall shut-up, now. - alec -- alec muffett, sun professional services, alec.muffett @ uk.sun.com don't drink the sludge
Current thread:
- "Proactive" Password Checking Jim Raykowski (Nov 04)
- Re: "Proactive" Password Checking Joseph S D Yao (Nov 05)
- Re: "Proactive" Password Checking Bill Pennington (Nov 05)
- Re: "Proactive" Password Checking Stefan Wagner (Nov 05)
- Re: "Proactive" Password Checking Rick Smith (Nov 05)
- Re: "Proactive" Password Checking Alec Muffett (Nov 06)
- RE: "Proactive" Password Checking Anton J Aylward (Nov 06)
- RE: "Proactive" Password Checking Kurt Buff (Nov 06)
- Re: "Proactive" Password Checking Frank O'Dwyer (Nov 18)
- <Possible follow-ups>
- RE: "Proactive" Password Checking Moore, James (Nov 06)
- RE: "Proactive" Password Checking Russ (Nov 06)
- Re: "Proactive" Password Checking REID FOX (Nov 06)
- RE: "Proactive" Password Checking Moore, James (Nov 08)
- RE: "Proactive" Password Checking Russ (Nov 09)
- RE: "Proactive" Password Checking Eric Toll (Nov 10)
- Re: "Proactive" Password Checking Joseph S D Yao (Nov 10)
(Thread continues...)