Security Basics mailing list archives
RE: File Encryption - Part II
From: "Chris Berry" <compjma () hotmail com>
Date: Tue, 23 Sep 2003 15:21:17 -0700
From: Kamal Habayeb [mailto:mountainfury () fastmail fm] Milli Bit wrote: | In my quest for passwords that are easy to remember, I wrote a small | web-app "Pseudo-Random Semi-Pronounceable Password". Rather than | duplicate the explanation here in email... Very interesting. Again like you said it would not be suitable for acorporate environment, but it would be very good for a home user, especiallyif one were to add some numbers in there. I personally use Aladdin Systems Web sign-on token. It is a usb token that fits on your key ring and allows you to save web page passwords to it. You need to enter a master password to access the token, but it allows you to have a different random password for every site. From: Meidinger Chris <chris.meidinger () badenit de> Do you really think those are not good enough for corporate use? Seem to be fine to me, i can manually throw in a number, or a changed case before i give a pass to a user.
This is a nice tool, but honestly you're reinventing the wheel, these are called MTR-3006 passwords and I've already been using a program that does this (and can add numbers) called XYZZY. Sorry, didn't mean to rain on your parade. I wouldn't use these as OS login passwords (unless you rotate with ridiculous frequency like monthly) but they're great for website passwords and things with a low security rating like instant messaging.
Chris Berry compjma () hotmail com Systems Administrator JM Associates"You are not special. You are not a beautiful or unique snowflake. You are the same decaying organic matter as everything else." -- Tyler Durden
_________________________________________________________________Get MSN 8 Dial-up Internet Service FREE for one month. Limited time offer-- sign up now! http://join.msn.com/?page=dept/dialup
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: File Encryption - Part II, (continued)
- Re: File Encryption - Part II Patrick Boucher (Sep 16)
- RE: File Encryption - Part II Lucas Zaichkowsky (Sep 16)
- RE: File Encryption - Part II Neil Fryer (Sep 16)
- RE: File Encryption - Part II Kenneth Buchanan (Sep 16)
- Re: File Encryption - Part II Kamal Habayeb (Sep 16)
- RE: File Encryption - Part II Kenneth Buchanan (Sep 16)
- RE: File Encryption - Part II Milli Bit (Sep 23)
- RE: File Encryption - Part II Milli Bit (Sep 23)
- Re: File Encryption - Part II Kamal Habayeb (Sep 23)
- RE: File Encryption - Part II Meidinger Chris (Sep 23)
- RE: File Encryption - Part II Chris Berry (Sep 23)