Educause Security Discussion mailing list archives
Re: Password entropy
From: James H Moore <jhmfa () RIT EDU>
Date: Sun, 23 Jul 2006 22:42:27 -0400
I have been following this thread, mainly because, you all, in your well crafted answers, exposed to me my own ignorance. We are in the beginning stages of looking at some sort of 2 factor authentication. We also are looking at what other people are doing with encryption, and beginning to consider extending what we have. I am reading this, because I want to know what to advise users too. One thing as far as predictability, I have sometimes used a "first letter" formula for everything from quotes, to books/movies/music. EG "MoonPie: Biography of an Out-of-This-World Snack" by David Magee (a recent book with a great deal of relevance) would become 1DM<>MP:boaootws . I am still not sure what is good to recommend to users. Jim - - - - Jim Moore, CISSP, IAM Information Security Officer Rochester Institute of Technology 13 Lomb Memorial Drive Rochester, NY 14623-5603 (585) 475-5406 (office) (585) 475-4122 (lab) (585) 475-7950 (fax) "We will have a chance when we are as efficient at communicating information security best practices, as hackers and criminals are at sharing attack information" - Peter Presidio
Current thread:
- Re: Password entropy, (continued)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Basgen, Brian (Jul 20)
- Re: Password entropy Harold Winshel (Jul 20)
- Re: Password entropy Harold Winshel (Jul 20)
- Re: Password entropy Graham Toal (Jul 21)
- Re: Password entropy Roger Safian (Jul 21)
- Re: Password entropy Valdis Kletnieks (Jul 23)
- Re: Password entropy Roger Safian (Jul 23)
- Re: Password entropy Roger Safian (Jul 23)
- Re: Password entropy Paul Russell (Jul 23)
- Re: Password entropy James H Moore (Jul 23)
- Re: Password entropy Valdis Kletnieks (Jul 23)
- Re: Password entropy Harold Winshel (Jul 24)
- Re: Password entropy Robert Kerr (Jul 24)
- Re: Password entropy Graham Toal (Jul 24)
- Re: Password entropy Roger Safian (Jul 24)
- Re: Password entropy Graham Toal (Jul 24)
- Re: Password entropy Valdis Kletnieks (Jul 24)
- Re: Password entropy Basgen, Brian (Jul 24)
- Re: Password entropy Roger Safian (Jul 24)
- Re: Password entropy Harold Winshel (Jul 24)
(Thread continues...)