Re: FAQ: How can I generate good strong passwords?

From: John Navas (spamfilter0_at_navasgroup.com)
Date: 10/14/05

  • Next message: John Hyde: "Re: FAQ: How can I generate good strong passwords?" 
    Date: Thu, 13 Oct 2005 23:39:38 GMT

    [POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]

    In <bAA3f.16893$Yl.4293@bignews4.bellsouth.net> on Thu, 13 Oct 2005 21:51:28
    GMT, rico_001@hotmail.com (Rico) wrote:

    >In article <kiA3f.138197$qY1.68955@bgtnsc04-news.ops.worldnet.att.net>, John Navas <spamfilter0@navasgroup.com> wrote:
    >>
    >>In <R3A3f.16265$Yl.4588@bignews4.bellsouth.net> on Thu, 13 Oct 2005 21:16:58
    >>GMT, rico_001@hotmail.com (Rico) wrote:
    >>
    >>>One could always generate a GUID and use that. Very very difficult to
    >>>reproduce and I would suspect fairly resistant to a brute force attack.
    >>>...
    >>
    >>But might well be vulnerable to some other form of attack. Since GUID isn't
    >>designed and tested for security, it's dangerous to make such assumptions, and
    >>thus not a good idea to use it.
    >
    >Well ultimately I suspect any password can be cracked given enough CPU
    >poser and time.

    If you follow the recommendations, that's very unlikely. You might as well
    worry about being hit by a meteor. ;)

    >With that in mind, any password will be a weak point in
    >security. Seems I recall seeing an article on /. some months back about the
    >FBI being able to crack passwords in minutes to a few hours.

    Some passwords, sure, but according to experts not good ones. Regardless, the
    FBI (or even the NSA) probably isn't the likely threat to us, now is it? ;)

    >Again though I am not trying to suggest a GUID is perfect nor invulnerable,
    >judt the routine I offered is an easy way to generate a fairly good random
    >password without going nuts over the issue.

    It's obviously *not* random.

    >I like you though recommend
    >Password Safe as perhaps the best solution within reason.

    Good. 

    -- 
Best regards,        HELP FOR CINGULAR GSM & SONY ERICSSON PHONES:
John Navas           <http://navasgrp.home.att.net/#Cingular>
  • Next message: John Hyde: "Re: FAQ: How can I generate good strong passwords?"

    Relevant Pages

    • Re: I DO NOT BELIEVE THE AROGANCE.
      ... SECURITY OF ALL INVOLVED! ... This is to report that in the middle of the night on my security ... I WOULD GET THE LOCAL FBI ON SECURITY ... Attack here now by air based deleterious agent. ...
      (soc.culture.europe)
    • High-Fivers and Art Student Spies: What Did Israel Know in Advance of the 9/11 Attacks?
      ... FBI Newark Field Office requests that, if the van is located, hold for ... The five men were indeed Israeli citizens. ... of their "celebration" with foreknowledge of the attack to come. ... peculiar tale of the Israeli "art students", ...
      (alt.gathering.rainbow)
    • Re: High-Fivers and Art Student Spies: What Did Israel Know in Advance of the 9/11 Attacks?
      ... What Did Israel Know in Advance of the 9/11 Attacks? ... FBI Newark Field Office requests that, if the van is located, hold for ... The five men were indeed Israeli citizens. ... of their "celebration" with foreknowledge of the attack to come. ...
      (alt.gathering.rainbow)
    • [Full-disclosure] Raising Robot Criminals
      ... identity theft and robot-driven attack propagation. ... security as well as on Sql Injection, this text is not yet another one. ... security numbers - are opened for remote penetration. ...
      (Full-Disclosure)
    • [Full-disclosure] STEP Security
      ... Internet-Drafts are working documents of the Internet Engineering ... security in otherwise insecure environments. ... APT (Another Possible Threat) ... of a cyber attack before more terabytes of data are exfiltrated from ...
      (Full-Disclosure)