PASSWORD GUESSING

Rich Neitzel thor at stout.ucar.edu
Fri Aug 18 23:44:52 AEST 1989


In article <20648 at adm.BRL.MIL> Kemp at DOCKMASTER.NCSC.MIL writes:
>Any time a human tries to think up a "random" password, chances are it
>won't be as "random" as a machine could choose.  So why not have the
>machine generate it for you, and stop worrying.  The system I am using
>now enforces the use of machine-generated pronounceable passwords, and
>VMS systems can also generate them, although our system managers didn't
>make them mandatory.  I think there are similar programs floating around
>the unix archives.
>
I formerly worked at a clessified DOE site and all passwords for 
classified computers were machine generated. However, there was added
twist - a password generated on machine A could not be used on that machine or 
any simularly configured machine. For example, VAX/VMS generated passwords were
used on the HPs, IBM's on the VAX, etc. The reasoning was that to try and
crack the generator required access to two machines, which hopefully was
difficult enough to reduce the likelyhood of its occurrence.




-------------------------------------------------------------------------------



More information about the Comp.unix.wizards mailing list