Xref: utzoo comp.unix.questions:8020 comp.misc:2738 Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!ames!pasteur!ucbvax!decwrl!pyramid!prls!philabs!ttidca!hollombe From: hollombe@ttidca.TTI.COM (The Polymath) Newsgroups: comp.unix.questions,comp.misc Subject: Re: Password choices Keywords: passwords Message-ID: <2866@ttidca.TTI.COM> Date: 7 Jul 88 19:08:50 GMT References: <4387@ptsfa.PacBell.COM> Reply-To: hollombe@ttidcb.tti.com (The Polymath) Organization: The Cat Factory Lines: 32 In article <4387@ptsfa.PacBell.COM> jmc@ptsfa.PacBell.COM (Jerry Carlin) writes: }Somewhere I remember hearing or reading that someone did a study }about typical (bad) password choices and/or what consituted good }password choices. ... Suggested reading: UNIX System Manager's Manual On the Security of UNIX Password Security - A Case History I did some experimenting and reading on the subject a few months ago. Here's some suggestions: Bad choices: anything under 6 characters anything in the spell dictionary (or any on-line dictionary) anything in your /etc/passwd entry (especially name and login id) any publicly available personal fact or attribute Good choices: not a bad choice (-: include at least one punctuation (non-alphameric) character use both upper and lower case -- The Polymath (aka: Jerry Hollombe, hollombe@ttidca.tti.com) Illegitimati Nil Citicorp(+)TTI Carborundum 3100 Ocean Park Blvd. (213) 452-9191, x2483 Santa Monica, CA 90405 {csun|philabs|psivax|trwrb}!ttidca!hollombe