Path: utzoo!attcan!uunet!husc6!cmcl2!adm!smoke!gwyn From: gwyn@smoke.BRL.MIL (Doug Gwyn ) Newsgroups: comp.unix.wizards Subject: Re: Worm/Passwords Message-ID: <8998@smoke.BRL.MIL> Date: 28 Nov 88 11:52:28 GMT References: <22401@cornell.UUCP> <4627@rayssd.ray.com> <251@ispi.UUCP> <205@twwells.uucp> <8981@smoke.BRL.MIL> <220@twwells.uucp> Reply-To: gwyn@brl.arpa (Doug Gwyn (VLD/VMB)) Organization: Ballistic Research Lab (BRL), APG, MD. Lines: 23 In article <220@twwells.uucp> bill@twwells.UUCP (T. William Wells) writes: > ... lassword ... Oh, but I can't let you have the lassword! >As you can see, many of these would make easily pronounceable passwords. > >Using a better database might create more or better passwords. And >each user could have his own database; this makes knowledge of the >travesty algorithm useless for guessing someone's password. I didn't mean to imply that this approach wasn't viable, but I couldn't resist the experiment and thought (since the posted travesty program wasn't runnable on anything except MS-DOS) that an illustration of what "travesty" produces might be informative to many readers. Indeed, use of samples of a natural language itself as a database for producing statistically similar "random" text is a good idea. I seem to recall one of the Computer Recreations columns in Scientific American a couple of years ago exploring this method. Certainly a larger, more varied database would have produce a better selection of lasswords.