Re: FAQ: How can I generate good strong passwords?

From: John Navas (spamfilter0_at_navasgroup.com)
Date: 10/13/05 

Date: Thu, 13 Oct 2005 17:59:34 GMT

[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]

In <dim553$ne0$1@blue.rahul.net> on Thu, 13 Oct 2005 17:22:43 +0000 (UTC),
dold@XReXXFAQXX.usenet.us.com wrote:

>I have also been using a javascript that I saved to my PC.
>http://www.warewolflabs.com/portfolio/programming/wlanskg/wlanskg.html
>There is no access to the web.

Based only on simple iteration of the Javascript random number generator,
so digit sequencing is predictable, and no better than the real randomness of
the generator in any event.

>I have been using a encrypted zip of plaintext hints on a flash drive.
>...

Standard ZIP encryption can often be cracked with a known plaintext attack.
<http://www.elcomsoft.com/help/archpr/index.html?page=known_plaintext_attack_(zip).html>
This can even work when the start of the encrypted ZIP file is simply guessed;
e.g., "Password ...". As a result, I don't recommend it.

>I'd like to convert to the safe. ...

Password Safe* <http://passwordsafe.sourceforge.net/> (open source freeware
originally created by noted cryptographer Bruce Schneier of Counterpane Labs)
can import a plain text file with user-specified field separators.

* NOT <http://www.passwordsafe.com/> 

-- 
Best regards,        HELP FOR CINGULAR GSM & SONY ERICSSON PHONES:
John Navas           <http://navasgrp.home.att.net/#Cingular>
Quantcast