Obvious password detector / eliminat - (nf)
wombat at uicsl.UUCP
wombat at uicsl.UUCP
Tue Apr 24 05:16:00 AEST 1984
#R:wdl1:-19900:uicsl:12500023:000:796
uicsl!wombat Apr 23 13:16:00 1984
So encourage users to pick passwords that look like arbitrary strings,
but can be easily remembered as a sentence. E.g., a password is actually
"imimtlmom," but the user can remember it by taking the first letter
from each word of "It's May, it's May, the lusty month of May."
This produces a password unlikely to exist unencrypted anywhere on
the system, but since it can be re-created easily, the user need
not keep it written down. And I'm sure there must be quite a few other
schemes this easy. (Like, pick alien names from obscure 50's science
fiction stories, or use an uncommon foreign language, like Basque.)
I think this password-checking is a good idea for systems worried
about security, at least until a real, live secure UNIX comes out.
Wombat
ihnp4!uiucdcs!uicsl!wombat
More information about the Comp.unix.wizards
mailing list