CDR: Re: Is kerberos broken?
sunder
sunder at sunder.net
Tue Sep 5 17:38:32 PDT 2000
Sampo A Syreeni wrote:
>
> >For myself, I often use as pass phrases memorized phrases from
> >literature. Which ones? Well, I read four languages, and I do the
> >number/letter and symbol/letter substitutions, so I feel secure even
> >revealing that clue.
>
> Good for you. Most people never go to even that much trouble. But I still
> think that dictionary searches on, say, all consequtive subsequences of
> 6-200 characters in the top 100 most likely to have been read books of a
I tend to just string up lots of characters, so my passphrases look like this:
^#.;Odfi9 at 7f$}'~%42w0,m:Qe_|33+\ and so on.
How do you memorize this? You break it up in chunks, memorize each chunk, then link them together. And then you type it in a lot
of times the first few days you use it. It's not that hard. If you don't use it on a daily basis, the danger is in forgetting it.
Yep, most people would have a coronary before accepting the above as a passphrase. Fuck'em. They deserve the security they're
willing to provide themselves.
Passphrases from books are nice, but if they're all text, they're a hell of a lot easier to brute than the above. Especially if you
have the texts in electronic form.
--
----------------------Kaos-Keraunos-Kybernetos---------------------------
+ ^ + :Surveillance cameras|Passwords are like underwear. You don't /|\
\|/ :aren't security. A |share them, you don't hang them on your/\|/\
<--*-->:camera won't stop a |monitor, or under your keyboard, you \/|\/
/|\ :masked killer, but |don't email them, or put them on a web \|/
+ v + :will violate privacy|site, and you must change them very often.
--------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------
More information about the cypherpunks-legacy
mailing list