Educause Security Discussion mailing list archives

Re: 15 character minimum passwords

From: Gary Flynn <flynngn () JMU EDU>
Date: Fri, 9 Jul 2004 10:14:37 -0400

Rich Graves wrote:

(if any client supports LANMAN, you
gain no security by going from 7 to 14)


I'm not sure I agree with this statement.

Yes, the password can be cracked in sections of 7 characters.
But you still have to crack both sections. The only place
this presents a weakness is if one section is easier to crack
and it is possible to deduce the other section without having
to crack the second section.

--
Gary Flynn
Security Engineer
James Madison University

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

15 character minimum passwords Todd Gunter (Jul 08)
- <Possible follow-ups>
- Re: 15 character minimum passwords Eric Pancer (Jul 08)
- Re: 15 character minimum passwords Lucas, Bryan (Jul 08)
- Re: 15 character minimum passwords David Wall @ Yozons, Inc. (Jul 08)
- Re: 15 character minimum passwords Bill Frazier (Jul 09)
- 15 character minimum passwords Scott Bradner (Jul 09)
- Re: 15 character minimum passwords Greg Jackson (Jul 09)
- Re: 15 character minimum passwords Rich Graves (Jul 09)
- Re: 15 character minimum passwords Gary Flynn (Jul 09)
- Re: 15 character minimum passwords Gary Dobbins (Jul 09)
- Re: 15 character minimum passwords Lucas, Bryan (Jul 09)
- Re: 15 character minimum passwords Buz Dale (Jul 09)
- Re: 15 character minimum passwords Matthew Keller (Jul 09)
- Re: 15 character minimum passwords Melissa Guenther (Jul 09)
- Re: 15 character minimum passwords Leslie Maltz (Jul 09)
- Re: 15 character minimum passwords Jim Loter (Jul 09)
- Re: 15 character minimum passwords Bill Frazier (Jul 09)
- Re: 15 character minimum passwords Lucas, Bryan (Jul 09)
- Re: 15 character minimum passwords Gary Flynn (Jul 09)

(Thread continues...)