Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10 5/3/83; site burl.UUCP Path: utzoo!linus!philabs!cmcl2!floyd!vax135!ariel!hou5f!orion!houca!hogpc!houxm!hocda!spanky!burl!rcj From: rcj@burl.UUCP Newsgroups: net.unix-wizards Subject: Re: a thought about UNIX login security Message-ID: <200@burl.UUCP> Date: Fri, 17-Jun-83 10:18:54 EDT Article-I.D.: burl.200 Posted: Fri Jun 17 10:18:54 1983 Date-Received: Tue, 21-Jun-83 10:35:52 EDT References: <2617@arizona.UUCP> Organization: Western Electric, Burlington, NC Lines: 17 A system for choosing passwords only works if the range of that system is incredibly large and cannot be whittled down in some manner. For example, a required seven-character password provides a sufficient range itself, if you do not start using your dog's name or some geometric pattern on the keyboard. If everyone picked truly random passwords of some minimum length, there would be no password problem. Unfortunately, us mere mortals have to remember them. I think that the idea of using some mnemonic, (the first line of a poem, ad campaigns, the funny thing your daughter said yesterday, etc.) as the basis for a password may be OK, if you are suitably circumspect. Who is going to have the data space and/or time to put enough stuff into a data base to try out "tnpgnq" ("Take no prisoners, give no quarter.")? -- The MAD Programmer -- 919-228-3814 (Cornet 291) alias: Curtis Jackson ...![ floyd sb1 mhuxv ]!burl!rcj