Re: xkcd on password strength

[Larry Seltzer <larry () larryseltzer com>]

Do you mean that social engineering is the main threat? If so, maybe it's
good that users have complicated passwords they can't remember, lest they
give them up to the wrong people.

On Thu, Aug 11, 2011 at 8:22 AM, Drsolly <drsollyp () drsolly com> wrote:

> Also true that brute force attacks, or dictionary attacks, aren't the main
> threat.
>
> On Wed, 10 Aug 2011, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
>
> > http://xkcd.com/936/
> >
> > Too true.  Also too bad that so many sites limit you to 14-16 characters
> ...
> > ======================  (quote inserted randomly by Pegasus Mailer)
> > rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
> > Basic research is what I'm doing when I don't know what I'm doing
> >                                                   - Werner von Braun
> > victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
> > http://blogs.securiteam.com/index.php/archives/author/p1/
> > http://twitter.com/rslade
> > _______________________________________________
> > Fun and Misc security discussion for OT posts.
> > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> > Note: funsec is a public and open mailing list.
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.