BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] deadmanish login?

Subject: [Discuss] deadmanish login?
From: kentborg at borg.org (Kent Borg)
Date: Fri, 3 Feb 2017 14:03:26 -0500
In-reply-to: <234349e1-3e63-0396-8c44-b4d7161ba26d@gmail.com>
References: <e480dec0-22f0-99be-dbc0-fa3f75ddd1fe@gmail.com> <a47bda52-ca1f-15ab-2f57-3ab5d1519a48@borg.org> <ecfa4f25-9416-ddcc-d92f-7979136fdf96@borg.org> <837eb7de-a956-c4bb-63f4-e1bcfa0e3861@gmail.com> <37fde12c-5572-a9e2-0525-fb37a8400691@borg.org> <5560cbeb-9a49-b959-c28a-44a3f0145d0f@gmail.com> <b261f072-dd42-b3e1-119e-3a380444a4dc@borg.org> <CA+h9Qs59TDWE22RJ561vrLs4J6JmNN9W6Tqg=9mPGTUy4E4KLQ@mail.gmail.com> <01da354a-066d-2c10-1e10-5780569627e5@borg.org> <d08d1f8f-e3ae-2e34-425e-83edf083780e@gmail.com> <20170203174338.GI21915@newtao.randomstring.org> <234349e1-3e63-0396-8c44-b4d7161ba26d@gmail.com>

On 02/03/2017 01:42 PM, Richard Pieri wrote:
> On 2/3/2017 12:43 PM, Dan Ritter wrote:
>> a) it has a zero-latency, no penalty for wrong-guesses method of
>> trying passwords
> In this case security depends almost entirely on intrusion prevention
> systems.

But to do that the place where the attacker has to break in is the 
target system itself. Once the attacker has broken into the target 
system the attacker is, um, in the target system! At the point it 
doesn't matter how good or bad your password is, the target is cracked open.

No, I don't care if the attacker can crack the hash once the target is 
broken: Because I don't recycle passwords.

And if you do recycle passwords? You are lazy, a fool, or both.

-kb, the Kent with limited sympathy for lazy fools.

References:
- [Discuss] deadmanish login?
  - From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] deadmanish login?
  - From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
  - From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
  - From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] deadmanish login?
  - From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
  - From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] deadmanish login?
  - From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
  - From: jabr at blu.org (John Abreau)
- [Discuss] deadmanish login?
  - From: kentborg at borg.org (Kent Borg)
- [Discuss] deadmanish login?
  - From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] deadmanish login?
  - From: dsr at randomstring.org (Dan Ritter)
- [Discuss] deadmanish login?
  - From: richard.pieri at gmail.com (Richard Pieri)

Prev by Date: [Discuss] deadmanish login?
Next by Date: [Discuss] deadmanish login?
Previous by thread: [Discuss] deadmanish login?
Next by thread: [Discuss] deadmanish login?
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.