Xref: utzoo comp.unix.questions:8020 comp.misc:2738
Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!ames!pasteur!ucbvax!decwrl!pyramid!prls!philabs!ttidca!hollombe
From: hollombe@ttidca.TTI.COM (The Polymath)
Newsgroups: comp.unix.questions,comp.misc
Subject: Re: Password choices
Keywords: passwords
Message-ID: <2866@ttidca.TTI.COM>
Date: 7 Jul 88 19:08:50 GMT
References: <4387@ptsfa.PacBell.COM>
Reply-To: hollombe@ttidcb.tti.com (The Polymath)
Organization: The Cat Factory
Lines: 32

In article <4387@ptsfa.PacBell.COM> jmc@ptsfa.PacBell.COM (Jerry Carlin) writes:
}Somewhere I remember hearing or reading that someone did a study
}about typical (bad) password choices and/or what consituted good
}password choices. ...

Suggested reading:

     UNIX System Manager's Manual
	  On the Security of UNIX
	  Password Security - A Case History

I did some experimenting and reading on the subject a few months ago.
Here's some suggestions:

Bad choices:

     anything under 6 characters
     anything in the spell dictionary (or any on-line dictionary)
     anything in your /etc/passwd entry (especially name and login id)
     any publicly available personal fact or attribute

Good choices:

     not a bad choice (-:
     include at least one punctuation (non-alphameric) character
     use both upper and lower case

-- 
The Polymath (aka: Jerry Hollombe, hollombe@ttidca.tti.com)  Illegitimati Nil
Citicorp(+)TTI                                                 Carborundum
3100 Ocean Park Blvd.   (213) 452-9191, x2483
Santa Monica, CA  90405 {csun|philabs|psivax|trwrb}!ttidca!hollombe