Educause Security Discussion mailing list archives
Re: Password Complexity and Aging
From: "Basgen, Brian" <bbasgen () PIMA EDU>
Date: Mon, 13 Apr 2009 20:18:59 -0700
brute force attack against passwords CAN't be stopped if the attacker is given unlimited time and that long passwords that change frequently are a proper and effective defense against that activity.
Brute force can be effectively mitigated through strong entropy without any change frequency requirement. 72-bit strength has not been publicly cracked, and it is widely accepted that 128-bits is such a massive key space that a revolution in processing (e.g. quantum computing) would be required to brute force it. Moore's law just can't compete against the ease with which key lengths can be increased. ~~~~~~~~~~~~~~~~~~ Brian Basgen Information Security Pima Community College
Current thread:
- Re: Password Complexity and Aging, (continued)
- Re: Password Complexity and Aging Perloff, Jim (Apr 13)
- Re: Password Complexity and Aging Basgen, Brian (Apr 13)
- Re: Password Complexity and Aging Mclaughlin, Kevin (mclaugkl) (Apr 13)
- Re: Password Complexity and Aging Mclaughlin, Kevin (mclaugkl) (Apr 13)
- Re: Password Complexity and Aging Lucas, Bryan (Apr 13)
- Re: Password Complexity and Aging David L. Wasley (Apr 13)
- Re: Password Complexity and Aging David L. Wasley (Apr 13)
- Re: Password Complexity and Aging Mclaughlin, Kevin (mclaugkl) (Apr 13)
- Re: Password Complexity and Aging Russell Fulton (Apr 13)
- Re: Password Complexity and Aging Morrow Long (Apr 13)
- Re: Password Complexity and Aging Basgen, Brian (Apr 13)
- Re: Password Complexity and Aging Mike Waller (Apr 13)
- Re: Password Complexity and Aging Chad McDonald (Apr 14)
- Re: Password Complexity and Aging Doug Markiewicz (Apr 14)
- Re: Password Complexity and Aging Dexter Caldwell (Apr 14)
- Re: Password Complexity and Aging Perloff, Jim (Apr 30)
- Re: Password Complexity and Aging Valdis Kletnieks (Apr 30)
- Re: Password Complexity and Aging Vedda, Michael (Mike) (Apr 30)
- Re: Password Complexity and Aging randy marchany (Apr 30)
- Re: Password Complexity and Aging Zach Jansen (Apr 30)
- Re: Password Complexity and Aging HALL, NATHANIEL D. (Apr 30)