Re: [Full-disclosure] guidelines for good password policyand maintenance / user centric identity with single passwords(or a small number at most over time)




On Mar 26, 2006, at 12:12 PM, Anders B Jansson wrote:

And even then they fail the actual user has a gun at his temple.

Frankly, this is true of just about any authentication scheme.


and it will be strong enough for 95% of the world anyway....
maybe having a different "alarm ringing" password could alert something wrong is happening could be appropriate


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/