funsec mailing list archives
Re: xkcd on password strength
From: Larry Seltzer <larry () larryseltzer com>
Date: Wed, 10 Aug 2011 17:39:26 -0400
Many years ago I wrote a column advocating "passphrases". A passphrase like "I really love white pizza." has many bits of entropy and is easy to remember. Even "This is my Amazon password" would probably be good. But as you say, so many sites limit you to short passwords. LJS On Wed, Aug 10, 2011 at 2:00 PM, Mouse <mouse () rodents-montreal org> wrote:
http://xkcd.com/936/Too true. Also too bad that so many sites limit you to 14-16 characters ...Yeah, if I have to use something that's hard to remember, I'm going to do something like dd if=/dev/urandom bs=1 count=8 | hexdump -v -e '1/1 "%02x"' | cvtbase x "`count from 33 to 126 | code-to-char`" and just deal with memorizing =m%bDf<-%L or )s}lbsTDYI or the like (those are two real results of running the above command). Not all that easy to memorize, but not all _that_ much harder than Tr0ub4dor&3, and substantially more secure. Better yet, of course, would be to simply refuse to have anything to do with organizations that demand you use passwords rather than something like ssh identities that at least have the _potential_ to provide real security. /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mouse () rodents-montreal org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- xkcd on password strength Rob, grandpa of Ryan, Trevor, Devon & Hannah (Aug 10)
- Re: xkcd on password strength Mouse (Aug 10)
- Re: xkcd on password strength Larry Seltzer (Aug 10)
- Message not available
- Re: xkcd on password strength Larry Seltzer (Aug 10)
- Re: xkcd on password strength Larry Seltzer (Aug 10)
- Re: xkcd on password strength Mouse (Aug 10)
- Re: xkcd on password strength Drsolly (Aug 11)
- Re: xkcd on password strength Larry Seltzer (Aug 11)
- Re: xkcd on password strength Roger Thompson (Aug 11)
- Re: xkcd on password strength Drsolly (Aug 11)
- Re: xkcd on password strength Rob, grandpa of Ryan, Trevor, Devon & Hannah (Aug 11)
- Re: xkcd on password strength Jeffrey Walton (Aug 11)
- Re: xkcd on password strength Larry Seltzer (Aug 11)