Re: Linking Password Length to Write-down probability
From: Dan Tesch (dan.tesch_at_comcast.net)
Date: 05/27/05
- Previous message: Nick Owen: "Re: Linking Password Length to Write-down probability"
- In reply to: Doug.Janelle_at_Thermo.com: "Re: Linking Password Length to Write-down probability"
- Next in thread: Gonzalo Martinez: "Re: Linking Password Length to Write-down probability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <security-basics@securityfocus.com> Date: Fri, 27 May 2005 10:44:19 -0500
Following this thread makes me think about the proprietary app(s) my company
uses that don't allow anything longer than an eight character psswd. and to
top
it off isn't case sens!
>
>
> It seems obvious that the longer/more complex the
> password, the more likely the user is to write it down,
> so I'm not sure that such a study would really yield any
> new insight. What I've taken to doing is stressing the idea
> of a passphrase instead of a password, then using the
> initial letters of each word, and mixing caps.other characters
> as needed for complexity, so:
>
> "My dog used to have fleas but he ate them" becomes "Mdu2Hfbh8T"
>
> 10 characters, rather than 8, upper-lower-numeric, but still a
> password the user can be reasonably expected to remember.
>
> dcj2
>
>
>
>
>
> Stian
--------------------------------------------------------------------------------
- Previous message: Nick Owen: "Re: Linking Password Length to Write-down probability"
- In reply to: Doug.Janelle_at_Thermo.com: "Re: Linking Password Length to Write-down probability"
- Next in thread: Gonzalo Martinez: "Re: Linking Password Length to Write-down probability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
