password

Mikkel L. Ellertson mikkel at infinity-ltd.com
Sat Feb 10 17:02:32 UTC 2007


Tim wrote:
> Manuel Arostegui Ramirez:
>>> Of course I'm not going to tell you guys what I do with my passwords :-) 
> 
> Vivek J. Patankar:
>> So why mention it in the first place?
> 
> Quoting from Yes Minister, or Yes Prime Minister (a BBC TV series):
> - Can you keep a secret?
> - Yes...
> - So can I.
> (End of that conversation)
> 
> I would imagine that dictionary attacks would, now, also try mixing
> together some words in various ways.  I think that if you have trouble
> deciding on what to use for a password, you'd really want to take about
> three words, at least, scramble the letters into gibberish, and use
> that, making your password as long as the system will let you.  You do
> want to make it so that any brute force attempt on your password takes
> as much time as you can make it.
> 
Another interesting way to have a fairly strong password, but still
be able to remember it is to come up with a sentence or phrase. Then
take the first letter of each word, and use that as your password.
It would be better if there were some numbers/special symbols in it,
but it is a big improvement over most passwords. For example, you
could take my signature and create a password of Dnmitaod,ftacatgwk
- try a dictionary attack on that. (Probably too long a password for
most places, but you get the idea.)

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!




More information about the fedora-list mailing list