BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] deadmanish login?
- Subject: [Discuss] deadmanish login?
- From: kentborg at borg.org (Kent Borg)
- Date: Tue, 31 Jan 2017 08:48:37 -0500
- In-reply-to: <e94de5ff-7644-d501-ccb4-fd4a6b32ff7a@napc.com>
- References: <iydoKFG1q6EvZNl6T2sztfNEyMK3eE7jp_2ZXrcPTgVFK1IPE5deLwZcViB_xDQMcb16enHDIBp9gek18AIxu5VrLtdgSHK6qEOO91dh2nA=@protonmail.com> <20170131014651.GA21915@newtao.randomstring.org> <1cca093a-2f5b-c105-0288-5f435c11104e@borg.org> <e94de5ff-7644-d501-ccb4-fd4a6b32ff7a@napc.com>
On 01/31/2017 08:23 AM, Grant NAPC wrote: > I agree with Kent, although I do believe you should rotate your > password at some reasonable interval. We do enforce password rotation > and a mix of alphanumeric/symbols at my company. Here is an idea: Don't let users set their own passwords. That way you can be sure you aren't being fed that user's Ashley Madison or Yahoo password. This won't prevent password reuse in the other direction, unfortunately. "15-ladder-bamboo-sierra" is an easy password to remember and type, yet it has 40-bits of entropy. Even if some bizarrely configured sshd allowed 1000-attempts per second (which they don't) it would still take over 18-years to try half the combinations. 02-alex-smile-metro, 5b-mile-sleep-school, ea-mercy-copy-pizza... -kb
- Follow-Ups:
- [Discuss] deadmanish login?
- From: gmongardi at napc.com (Grant NAPC)
- [Discuss] deadmanish login?
- References:
- [Discuss] deadmanish login?
- From: sillystring at protonmail.com (Eric Chadbourne)
- [Discuss] deadmanish login?
- From: dsr at randomstring.org (Dan Ritter)
- [Discuss] deadmanish login?
- From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
- From: gmongardi at napc.com (Grant NAPC)
- [Discuss] deadmanish login?
- Prev by Date: [Discuss] deadmanish login?
- Next by Date: [Discuss] deadmanish login?
- Previous by thread: [Discuss] deadmanish login?
- Next by thread: [Discuss] deadmanish login?
- Index(es):
