Re: FAQ: How can I generate good strong passwords?
From: John Navas (spamfilter0_at_navasgroup.com)
Date: Thu, 13 Oct 2005 23:39:38 GMT
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]
In <bAA3f.16893$Yl.firstname.lastname@example.org> on Thu, 13 Oct 2005 21:51:28
GMT, email@example.com (Rico) wrote:
>In article <kiA3f.138197$qY1.firstname.lastname@example.org>, John Navas <email@example.com> wrote:
>>In <R3A3f.16265$Yl.firstname.lastname@example.org> on Thu, 13 Oct 2005 21:16:58
>>GMT, email@example.com (Rico) wrote:
>>>One could always generate a GUID and use that. Very very difficult to
>>>reproduce and I would suspect fairly resistant to a brute force attack.
>>But might well be vulnerable to some other form of attack. Since GUID isn't
>>designed and tested for security, it's dangerous to make such assumptions, and
>>thus not a good idea to use it.
>Well ultimately I suspect any password can be cracked given enough CPU
>poser and time.
If you follow the recommendations, that's very unlikely. You might as well
worry about being hit by a meteor. ;)
>With that in mind, any password will be a weak point in
>security. Seems I recall seeing an article on /. some months back about the
>FBI being able to crack passwords in minutes to a few hours.
Some passwords, sure, but according to experts not good ones. Regardless, the
FBI (or even the NSA) probably isn't the likely threat to us, now is it? ;)
>Again though I am not trying to suggest a GUID is perfect nor invulnerable,
>judt the routine I offered is an easy way to generate a fairly good random
>password without going nuts over the issue.
It's obviously *not* random.
>I like you though recommend
>Password Safe as perhaps the best solution within reason.
-- Best regards, HELP FOR CINGULAR GSM & SONY ERICSSON PHONES: John Navas <http://navasgrp.home.att.net/#Cingular>