BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] deadmanish login?
- Subject: [Discuss] deadmanish login?
- From: richard.pieri at gmail.com (Richard Pieri)
- Date: Fri, 3 Feb 2017 13:42:52 -0500
- In-reply-to: <20170203174338.GI21915@newtao.randomstring.org>
- References: <e480dec0-22f0-99be-dbc0-fa3f75ddd1fe@gmail.com> <a47bda52-ca1f-15ab-2f57-3ab5d1519a48@borg.org> <ecfa4f25-9416-ddcc-d92f-7979136fdf96@borg.org> <837eb7de-a956-c4bb-63f4-e1bcfa0e3861@gmail.com> <37fde12c-5572-a9e2-0525-fb37a8400691@borg.org> <5560cbeb-9a49-b959-c28a-44a3f0145d0f@gmail.com> <b261f072-dd42-b3e1-119e-3a380444a4dc@borg.org> <CA+h9Qs59TDWE22RJ561vrLs4J6JmNN9W6Tqg=9mPGTUy4E4KLQ@mail.gmail.com> <01da354a-066d-2c10-1e10-5780569627e5@borg.org> <d08d1f8f-e3ae-2e34-425e-83edf083780e@gmail.com> <20170203174338.GI21915@newtao.randomstring.org>
On 2/3/2017 12:43 PM, Dan Ritter wrote: > a) it has a zero-latency, no penalty for wrong-guesses method of > trying passwords In this case security depends almost entirely on intrusion prevention systems. > b) it has the hash of the passphrase in front of it and is generating > matches. And in this case, after case a has failed, password quality becomes a relevant factor. At this point a 521-bit ECDSA key, comparable to AES-256 in terms of key strength, is vastly stronger than anything you can keep in your head. On 2/3/2017 1:20 PM, Kent Borg wrote: > You are confusing (1) a password used as a password, and (2) a > passphrase used for an encryption key. They are completely different. Rather, you are assuming that Dan's case b will never happen whereas I'm assuming that it will. There is no difference at all once case b happens. I'm not a proponent of SSH keys per se. I'm an opponent of passwords. They suck. They're a bad habit that the computer industry should have long since abandoned. I prefer using SSH keys because they suck less than using passwords and nobody has come up with anything better. -- Rich P.
- Follow-Ups:
- [Discuss] deadmanish login?
- From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
- References:
- [Discuss] deadmanish login?
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] deadmanish login?
- From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
- From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] deadmanish login?
- From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] deadmanish login?
- From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
- From: jabr at blu.org (John Abreau)
- [Discuss] deadmanish login?
- From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] deadmanish login?
- From: dsr at randomstring.org (Dan Ritter)
- [Discuss] deadmanish login?
- Prev by Date: [Discuss] deadmanish login?
- Next by Date: [Discuss] deadmanish login?
- Previous by thread: [Discuss] deadmanish login?
- Next by thread: [Discuss] deadmanish login?
- Index(es):