RE: Password creating Theories

From: David Fiore (dfiore.fms_at_gmail.com)
Date: 11/18/05

    To: "dave kleiman" <dave@isecureu.com>, <security-basics@securityfocus.com>
    Date: Fri, 18 Nov 2005 11:26:57 -0500
    
    

    Guys,

    What is the Title of the book? I'd like to purchase it since I'm in the
    same boat that Jennifer is in.

    Thanks,

    David
    ( I live for user training :) )

    -----Original Message-----
    From: dave kleiman [mailto:dave@isecureu.com]
    Sent: Wednesday, November 16, 2005 2:39 PM
    To: security-basics@securityfocus.com
    Cc: 'Jennifer Fountain'; 'Andrew Williams'; 'Saqib Ali'
    Subject: RE: Password creating Theories

    Saqib,

    I have been tasked with tech-editing the book (with Mark that is a fairly easy
    job).

    I feel one of the great benefits to this book is Mark has explained things
    in a way the most novice of users can understand. Now there are some
    chapters that are for the Admin type users where he goes into Rainbow tables
    and such.

    However, this is a book to help ease the Admin's job; you as an Admin could
    give this book to your end users and they would begin to "see the light" of
    what you are trying to accomplish in a password policy.

    Additionally, it may help some of the super-techie Admins understand why the
    end user was not grasping the concept.

    An example: 1 of many cool methods Mark uses to show the effect of password
    length, is using the old Bicycle Combination locks, you know the old 3 digit
    ones we all had or saw as kids, and how long it would take to crack, as
    opposed to one with just 1 or 2 more digits. All I can say is I spent about
    3 hours out in the garage....

    It is a fun and excellent book. (Note: I do not get a dime for any sales of
    the book)

    Dave

         -----Original Message-----
         From: Andrew Williams [mailto:Andrew@Syngress.com]
         Sent: Tuesday, November 15, 2005 16:35
         To: Saqib Ali
         Cc: Jennifer Fountain; security-basics@securityfocus.com
         Subject: RE: Password creating Theories

         When I first started discussing the book with the author
         (Mark Burnett), I thought a whole book on the topic seemed
         a bit much as well. But, the more I saw of Mark's
         manuscript, the more intrigued/interested I became in the idea.

         The book is relatively short, 200 pages total. So, we
         realized this couldn't be a door stop. The book is for
         both sys admins/infosec pros as well as users. One of the
         book's primary goals is to provide admins w/ strategies
         and policies they can convey to their users so that users
         will consistently create strong passwords that they can
         actually remember as well.

         It is also kind of a fun read with interesting facts,
         stats, etc.; like the 500 worst passwords of all time, etc.

         Best,
         A

    > -----Original Message-----
    > From: Saqib Ali [mailto:docbook.xml@gmail.com]
    > Sent: Tuesday, November 15, 2005 4:18 PM
    > To: Andrew Williams
    > Cc: Jennifer Fountain; security-basics@securityfocus.com
    > Subject: Re: Password creating Theories
    >
    > having a whole book dedicated to Password building seems an
    > overkill....
    >
    > who will be the target audience?
    >
    > On 11/15/05, Andrew Williams <Andrew@syngress.com> wrote:
    > > We're actually about to publish a book on ideas/strategies for
    > > building passwords and password policies. We have a sample chapter
    > > available on
    >
    > In Peace,
    > Saqib Ali
    > http://www.xml-dev.com/blog/
    > Consensus is good, but informed dictatorship is better.
    >

