Firewall Wizards mailing list archives
Re: Passwords (was: Stanford break in)
From: Dana Nowell <DanaNowell () cornerstonesoftware com>
Date: Mon, 26 Apr 2004 09:57:07 -0400
At 04:44 PM 4/23/2004 -0400, Paul D. Robertson wrote:
On Fri, 23 Apr 2004, Dana Nowell wrote:Bottom line: do NOT, repeat, do NOT put ANY confidence in 'salts' saving your A**. The best defense is to not be in anyone's dictionary in the first place. Pick a password carefully and change it regularly.Filling in the dictionary isn't that hard, and adding to it to generate the "empty space" isn't all that bad for smaller lengths...
<snip>
Bottom line: Reusable passwords still suck. :)
Yup. But I thought the premise was 'gotta use' reusable passwords. Given the requirement, you do what you can (1- attempt to change stupid requirement (out of scope), 2- attempt to live with stupid requirement, 3- find new job (out of scope, we're not hiring:-)) I was attmepting to help with part 2. -- Dana Nowell Cornerstone Software Inc. Voice: 603-595-7480 Fax: 603-882-7313 email: DanaNowell_at_CornerstoneSoftware.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Passwords (was: Stanford break in) Dana Nowell (Apr 23)
- Re: Passwords (was: Stanford break in) Paul D. Robertson (Apr 23)
- Re: Passwords (was: Stanford break in) Dana Nowell (Apr 27)
- Re: Passwords (was: Stanford break in) Adam Shostack (Apr 23)
- Re: Passwords (was: Stanford break in) Paul D. Robertson (Apr 23)