[security flaw] Ubuntu is a plain text offender
Kent Borg
kentborg at borg.org
Tue May 24 19:29:38 UTC 2011
I wrote:
> Does 0x614d2079687420656f666372206565627720746920686f792175000a seem
> like a good enough password? How much entropy is in it?
>
> Does 0x87972a55700e1080bf1c9b5e1cf45a01940553f919607a5d5aafae59 seem
> like a good enough password? How much entropy is in it?
>
> One is a damn good password, one is truly terrible (if you are up
> against a motivated and funded foe).
That is, as encryption keys where an attacker can do lots of decryption
attempts are once, the first one is a bad passphrase if you have a
powerful foe. As a traditional ssh password, it is much better if way
cumersome. It depends greatly on what a passphrase or password is used for.
-kb
More information about the ubuntu-users
mailing list