Obvious password detector / eliminator
steve at BRL-BMD.ARPA
steve at BRL-BMD.ARPA
Fri May 4 15:15:09 AEST 1984
From: Stephen Wolff <steve at BRL-BMD.ARPA>
Hear, hear! Let's hear it for concatenated nonsense syllables - or even
non-nonsense syllables; 3 x (3 consonants + 1 vowel), say, and then assume
only 1% of those are - for whatever reason - usable.
We use auto-disconnect after three unsuccessful login
attempts, so that 6 tries per minute is a generous
figure for dial-ups or telnets, even if automated.
And we check the bad-login-attempts files every day.
We feel the arithmetic odds against a break-in before detection are tolerable.
More information about the Comp.unix.wizards
mailing list