From owner-freebsd-current@FreeBSD.ORG Mon Apr 20 18:56:47 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 197E3106564A for ; Mon, 20 Apr 2009 18:56:47 +0000 (UTC) (envelope-from chuckr@telenix.org) Received: from mail5.sea5.speakeasy.net (mail5.sea5.speakeasy.net [69.17.117.7]) by mx1.freebsd.org (Postfix) with ESMTP id E9C1E8FC16 for ; Mon, 20 Apr 2009 18:56:46 +0000 (UTC) (envelope-from chuckr@telenix.org) Received: (qmail 1535 invoked from network); 20 Apr 2009 18:56:46 -0000 Received: from april.chuckr.org (HELO april.telenix.org) (chuckr@[66.92.151.30]) (envelope-sender ) by mail5.sea5.speakeasy.net (qmail-ldap-1.03) with AES256-SHA encrypted SMTP for ; 20 Apr 2009 18:56:46 -0000 Message-ID: <49ECC571.7040405@telenix.org> Date: Mon, 20 Apr 2009 14:56:49 -0400 From: Chuck Robey User-Agent: Thunderbird 2.0.0.19 (X11/20090121) MIME-Version: 1.0 To: anthony.rasat@gmail.com References: <754723275-1240208442-cardhu_decombobulator_blackberry.rim.net-1046132361-@bxe1006.bisx.prodap.on.blackberry> In-Reply-To: <754723275-1240208442-cardhu_decombobulator_blackberry.rim.net-1046132361-@bxe1006.bisx.prodap.on.blackberry> X-Enigmail-Version: 0.95.5 OpenPGP: id=F3DCA0E9; url=http://pgp.mit.edu Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: freebsd-current@freebsd.org Subject: Re: OT: 2d password X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Apr 2009 18:56:47 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Anthony M. Rasat wrote: > Kỳ Anh, Huỳnh wrote: >> I've just found a quite good way: use 2-d moving on the keyboard. > > Do you know that many people has following password? > > qweasdzxc > > I know lots of people use it (Oops, this is a mailing list. Oh well, too bad). > > The best practice is still combination of letters and numbers, IMO. Actually, if you can use the machine in question only from a central machine, then the most secure way if to set yourself up to use ssh keys, and then to remove entirely any passwords at all. Kinda difficult to crack a machine which hasn't got any passwords, and ssh keys is a very convenient/secure access method. Lot of the folks on this list know about that, because it's the way that you have to log into your accounts on hub. Makes things very secure and very easy. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknsxXEACgkQz62J6PPcoOnzXwCfbHC5vmNnx0Y79oGWtXufW6RG bpkAn0uKfowAru96Pchnx1jZJV00GRha =0Gjn -----END PGP SIGNATURE-----