Pass-phrases vs. passwords
Jon Dixon
dixon.jon at gmail.com
Tue Feb 15 14:01:10 UTC 2005
We need something truly unique to the individual, so I'd like to see
biometrics become more mainstream.
On Tue, 15 Feb 2005 08:52:36 -0500, Eric Dunbar <eric.dunbar at gmail.com> wrote:
> Even though this comes from a tainted source, it's still an
> interesting discussion about the use of "pass phrases" vs. passwords:
>
> "Do you see a pattern here? Pass-phrase LENGTH, not complexity
> defeats these attacks. Short, but complex passwords should be shunned
> as they are not truly secure anymore and you are deceiving yourself if
> you think they are. Long pass-phrases (14 characters or more) are the
> future (along with 2-factor or more authN, but that's another blog for
> another day) and are the only way to go if you want to ensure that you
> won't get hacked via any type of password based attack of any kind."
>
> <http://weblogs.asp.net/robert_hensing/archive/2004/07/28/199610.aspx>
>
> PS FM(y)I What is the password length for *nix systems using the
> different (& most common) types of authentication?
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> http://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
--
If knowledge can create problems, it is not through ignorance that we
can solve them.
- Isaac Asimov
More information about the ubuntu-users
mailing list