RE: Linking Password Length to Write-down probability
From: Andrew Aris (andrew_at_dev.bigfishinternet.co.uk)
Date: 05/31/05
- Previous message: Tom Rhodes: "Re: user name from security logs"
- In reply to: Nick Owen: "Re: Linking Password Length to Write-down probability"
- Next in thread: Miguel Dilaj: "RE: Linking Password Length to Write-down probability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <security-basics@securityfocus.com> Date: Tue, 31 May 2005 10:37:56 +0100
Just to add to some of the excellent approaches that have been suggested
here are a couple that I have had success with in the past:
1.) use a password that is a pattern on the keyboard (say three keys up then
three keys down)- most people can learn a pattern of keys to hit quite
quickly and it is very easy to remember as they only really need to know the
shape and the starting point. It also makes updateing passwords relatively
easy as you can simply shift the starting key. This gives them only one new
bit of information to "learn"
eg - "de34rf" is in password terms very different than "bgtyhn" but the
typing pattern is the same.
2.) Have the user pick some text that is visible to them when sat at their
desk but that isnt obviously a password - like a model name written on the
front of a monitor, of the name written on a file or book. Remembering it
works in the same way as postit note on the monitor - they just need to
"remeber" where to look but its much more secure because it doesnt scream
"password" at people.
cheers,
Andrew
- Previous message: Tom Rhodes: "Re: user name from security logs"
- In reply to: Nick Owen: "Re: Linking Password Length to Write-down probability"
- Next in thread: Miguel Dilaj: "RE: Linking Password Length to Write-down probability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
