Re: [Full-Disclosure] Senior M$ member says stop using passwords completely!

From: Danny (nocmonkey_at_gmail.com)
Date: 10/20/04

  • Next message: Thor Larholm: "RE: How to Break Windows XP SP2 + Internet Explorer 6 SP2"
    To: Georgi Guninski <guninski@guninski.com>
    Date: Wed, 20 Oct 2004 10:56:37 -0400
    
    

    On Wed, 20 Oct 2004 17:01:56 +0300, Georgi Guninski
    <guninski@guninski.com> wrote:
    > the poor m$ guy updated his blog.
    >
    > looks like he uses Excel(tm) for solving crypto problems.
    [...]
    Georgi, passwords vs. passphrases, which do you recommend?

    ...D

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Thor Larholm: "RE: How to Break Windows XP SP2 + Internet Explorer 6 SP2"

    Relevant Pages

    • Re: Password alternatives
      ... Unlike passwords, biometrics do have the problem of False Accept Rate ... As for tokens, AFAIK they rely on ... passphrases as a string of characters, ...
      (Security-Basics)
    • Re: Hash MD5, Sha1 and Length
      ... characters. ... When you say passphrases you mean that when using passwords a space ... Yes yes I will keep salt a fixed length. ...
      (microsoft.public.dotnet.languages.csharp)
    • Re: Reasons and examples for security
      ... A phrase like "the four brown cows jump" will take on the order of hundreds ... agree that long passphrases are the future, ... > otherwise compromised passwords by invalidating them. ... >> I am looking for examples to support my case for tighter security. ...
      (microsoft.public.security)
    • Re: Passwords: length vs. complexity
      ... Rather 90-95 (62 alphanumeric characters plus a number of special ... If we're talking about strong passwords, ... They're just not as secure as the proponents of passphrases make it ... enforces complexity requirements that are standard in Windows (three ...
      (Security-Basics)
    • Re: Password generator?
      ... Try teaching your users using "passphrases" - sentences that are actual passwords - using all kinds of characters like,.#! ...
      (microsoft.public.security)