Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10 5/3/83; site burl.UUCP
Path: utzoo!linus!philabs!cmcl2!floyd!vax135!ariel!hou5f!orion!houca!hogpc!houxm!hocda!spanky!burl!rcj
From: rcj@burl.UUCP
Newsgroups: net.unix-wizards
Subject: Re: a thought about UNIX login security
Message-ID: <200@burl.UUCP>
Date: Fri, 17-Jun-83 10:18:54 EDT
Article-I.D.: burl.200
Posted: Fri Jun 17 10:18:54 1983
Date-Received: Tue, 21-Jun-83 10:35:52 EDT
References: <2617@arizona.UUCP>
Organization: Western Electric, Burlington, NC
Lines: 17

A system for choosing passwords only works if the range of
that system is incredibly large and cannot be whittled down
in some manner.  For example, a required seven-character password
provides a sufficient range itself, if you do not start using
your dog's name or some geometric pattern on the keyboard.
If everyone picked truly random passwords of some minimum length,
there would be no password problem.  Unfortunately, us mere mortals
have to remember them.  I think that the idea of using some mnemonic,
(the first line of a poem, ad campaigns, the funny thing your daughter
said yesterday, etc.) as the basis for a password may be OK, if you
are suitably circumspect.  Who is going to have the data space and/or
time to put enough stuff into a data base to try out "tnpgnq" ("Take
no prisoners, give no quarter.")?
-- 

The MAD Programmer -- 919-228-3814 (Cornet 291)
alias: Curtis Jackson	...![ floyd sb1 mhuxv ]!burl!rcj