Re: Security theatre?
- From: Maaartin <grajcar1@xxxxxxxxx>
- Date: Mon, 26 Apr 2010 06:15:50 -0700 (PDT)
On Apr 26, 3:08 pm, Stewart Malik <mali0...@xxxxxxxxx> wrote:
This means, that for locking somebody out on the same computer for
time T seconds, you need to spend there about sqrt(2*T) seconds.
If I'm understanding correctly you're saying that to lock a user out
for T seconds then you would need to sit at their computer for
sqrt(2*T) seconds.
You do understand correctly what wrote, but it was wrong.
If this is the case then to lock a user out for 10
mins you would only have to sit there for approx 35 seconds
(sqrt(1200)).
I wrote it the wrong way. You need to spend 10 minutes for locking out
the user for 35 seconds. It goes this way: You enter a wrong password,
wait 1 second, enter it again, wait 2 seconds, again, wait 3
seconds, ..., again, wait 34 seconds. This sums up to 1+2+...+34 =
(1+34)*34/2 = 595 seconds.
This isn't very long at all and not much of an
improvement on the current system. I liked how you suggested that a
system could clear the username after two failed attempts though.
I hope, now you like the formula, too.
.
- References:
- Security theatre?
- From: Peter Fairbrother
- Re: Security theatre?
- From: bmearns
- Re: Security theatre?
- From: Peter Fairbrother
- Re: Security theatre?
- From: Gordon Burditt
- Re: Security theatre?
- From: Alias
- Re: Security theatre?
- From: Maaartin
- Re: Security theatre?
- From: Stewart Malik
- Security theatre?
- Prev by Date: Re: Call for review: Hashing by hand algorithm
- Next by Date: Re: Steganography Software
- Previous by thread: Re: Security theatre?
- Next by thread: Re: Security theatre?
- Index(es):
Relevant Pages
|
