Re: [Full-disclosure] guidelines for good password policyand maintenance / user centric identity with single passwords(or a small number at most over time)
- From: "<...>" <massimo@xxxxxxxxxxxxx>
- Date: Mon, 27 Mar 2006 05:27:16 +0200
On Mar 26, 2006, at 12:12 PM, Anders B Jansson wrote:
And even then they fail the actual user has a gun at his temple.
Frankly, this is true of just about any authentication scheme.
and it will be strong enough for 95% of the world anyway....
maybe having a different "alarm ringing" password could alert something wrong is happening could be appropriate
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- [Full-disclosure] guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time)
- From: coderman
- Re: [Full-disclosure] guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time)
- From: Anders B Jansson
- Re: [Full-disclosure] guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time)
- From: James Longstreet
- [Full-disclosure] guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time)
- Prev by Date: [Full-disclosure] Re: [Owasp-dotnet] RE: 4 Questions: Latest IE vulnerability, Firefox vs IE security, User vs Admin risk profile, and browsers coded in 100% Managed Verifiable code
- Next by Date: Re: [Full-disclosure] guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time)
- Previous by thread: Re: [Full-disclosure] guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time)
- Next by thread: Re: [Full-disclosure] guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time)
- Index(es):
Relevant Pages
|
