Password Choices
Stephen J. Friedl
friedl at vsi.UUCP
Sun Jul 24 06:27:57 AEST 1988
In article <16595 at brl-adm.ARPA> JPLILER at simtel20.arpa (John R. Pliler) writes:
> Why not use a *random* password generator?
In article <4436 at ptsfa.PacBell.COM>,jmc at ptsfa.PacBell.COM (Jerry Carlin) writes:
> Just make sure that the algorithm generates a LARGE number of
> possibilities and is not known.
It is a better idea to use an algorithm that generates a very
large number of possibilities and then make the algorithm known.
To do otherwise places a burden on the implementor to keep the
secret and makes this information valuable to a nasty person,
thereby giving a challenge. Security by secrecy requires eternal
vigilance.
Steve
--
Steve Friedl V-Systems, Inc. +1 714 545 6442 3B2-kind-of-guy
friedl at vsi.com {backbones}!vsi.com!friedl attmail!vsi!friedl
--------- Nancy Reagan on flood-control: "Just say Noah
More information about the Comp.unix.questions
mailing list