Full Disclosure mailing list archives
Re: guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time)
From: Anders B Jansson <hdw () kallisti se>
Date: Sun, 26 Mar 2006 20:43:54 +0200
James Longstreet wrote:
On Mar 26, 2006, at 12:12 PM, Anders B Jansson wrote:And even then they fail the actual user has a gun at his temple.Frankly, this is true of just about any authentication scheme.
Exactly, so how far should you drive your requirements for an authentication scheme? Pushing requirements to far will lead to weaker security and higher cost without any gain. -- // hdw _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time) coderman (Mar 26)
- Re: guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time) Anders B Jansson (Mar 26)
- Re: guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time) James Longstreet (Mar 26)
- Re: guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time) Anders B Jansson (Mar 26)
- Re: guidelines for good password policyand maintenance / user centric identity with single passwords(or a small number at most over time) <...> (Mar 26)
- Re: guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time) Gareth Davies (Mar 26)
- Re: guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time) Valdis . Kletnieks (Mar 26)
- Re: guidelines for good password policy andmaintenance / user centric identity with single passwords (or asmall number at most over time) Dave Korn (Mar 28)
- Re: Re: guidelines for good password policy andmaintenance / user centric identity with single passwords (or asmall number at most over time) Michael Holstein (Mar 28)
- Re: guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time) James Longstreet (Mar 26)
- Re: guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time) Anders B Jansson (Mar 26)