Re: Strong Passwords Revisited
From: Jeff Williams (frostback1963@yahoo.com)
Date: 01/21/03
- Next message: Lohkee: "Re: Strong Passwords Revisited"
- Previous message: Ernst-Udo Wallenborn: "Re: Strong Passwords Revisited"
- In reply to: Lohkee: "Strong Passwords Revisited"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Jeff Williams" <frostback1963@yahoo.com> Date: Tue, 21 Jan 2003 15:49:00 -0600
...snip...
Very interesting posting. Good job.
One problem with "strong" passwords is that they're very hard to remember.
"zucchini" is easy to remember. "*&cFho4#" is, for most people I know, hard
to remember. What are such people likely to do with hard passwords?
They're going to write them down (and often post them on a yellow sticky on
their freakin' monitor). This is not very good from a security perspective.
I've often wondered why passwords seem to be limited to 8 or 10 characters.
Why not limit them to, say, 32 or 64 characters and let people use phrases
that they can easily remember? Many people have a vast repository of
remembered pop songs. Others memorize scripture or poetry. Such phrases do
serious damage to the concept of dictionary attacks as well as to BFI
attacks.
- Next message: Lohkee: "Re: Strong Passwords Revisited"
- Previous message: Ernst-Udo Wallenborn: "Re: Strong Passwords Revisited"
- In reply to: Lohkee: "Strong Passwords Revisited"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
