Date: Mon, 20 Apr 2009 13:17:41 +0200 From: Christof Schulze <christof.schulze@gmx.net> To: freebsd-current@freebsd.org Subject: Re: OT: 2d password Message-ID: <200904201317.44334.christof.schulze@gmx.net> In-Reply-To: <20090420162802.5959c7fa@icy.local> References: <754723275-1240208442-cardhu_decombobulator_blackberry.rim.net-1046132361-@bxe1006.bisx.prodap.on.blackberry> <49EC305D.4010202@NLnetLabs.nl> <20090420162802.5959c7fa@icy.local>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart3048890.ynbdBt7GOl Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Am Montag 20 April 2009 11:28:02 schrieb K=E1=BB=B3 Anh, Hu=E1=BB=B3nh: > [ ways of generating passwords] > > Finally I get into 2-d moving on the keyboard as described in my first > post. I check some passwords in http://www.testyourpassword.com/ and see > that some stupid patterns on keyboard show a "STRONG" status. I event > get the BEST password with some simple moving around symbols and > letters. I good way to remember secure passwords was presented in the uptimes=20 magazine a while ago in an article about passwords and their security. Good passwords contain a lot of entropy. Also the entropy of letters in the beginning of words seems to be higher=20 than the entropy towards the end of words in western languages. The proposal that the author Thomas Maus is making is this: Pick a sentence and take the first character(s) from each word to be your=20 password. Example "I like doing laundry wednesday evening 8pm." the resulting password would be: "Ildlwe8p" It is easy to remember because the sentence is natural language. Also it is= =20 fairly easy to come up with. This article provides some good insights into the effectivity of password=20 policies. The bottom line is that the way these policies are used today=20 cause weaker passwords because they work against the user. In the end some= =20 proposals are made what to do to obtain better passwords and how to=20 implement a policy for stronger passwords. Regards Christof > > Though Athony said "qweasdzxc" is a popular I still wonder whether we > can use complex patterns on keyboard? And what's tool that help me to > check password strength? > > Regards, > > PS: !!WARNING!! > > Discussing this topic may cause your habits to be known by others. I > don't have intend to gather your information. Thank you for your > understanding. --nextPart3048890.ynbdBt7GOl Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (FreeBSD) iEYEABECAAYFAknsWdgACgkQpZfyPAmdZJlsoACgofTr2wv+T7TY/FUhPc+0E21y 7UoAn0iKWvVkcLT+20izdE+im+izJF+s =AaDF -----END PGP SIGNATURE----- --nextPart3048890.ynbdBt7GOl--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200904201317.44334.christof.schulze>