Password Aging
Mike Waters
waters at dover.uucp
Wed Jan 4 03:45:17 AEST 1989
In article <17986 at adm.BRL.MIL> VINCE%UCONNVM.BITNET at mitvma.mit.edu writes:
>Barry Shein writes:
>>We just did this, lessee, 100 character set, 8 chars, 100^8, assume
>>10,000 encryptions per second is a good upper bound (we'll take a
. . .
>
>But a 50 character set gives only 183 years, not 31,709, and if you really
>use only lower case letters plus a bit (30 chars) your 31,709 years
>becomes 2 years.
And if we use only easily remembered words it becomes as small as hours.
In another thread here the author figures about 200K words > 5 char. long.
Thats not very many to search if you can automate your search! Even using
10 words (50 char) gives a relatively small number.
I think the problem is real, but I don't have any better solutions.
--
Mike Waters AA4MW/7 *
Motorola CAD Group * Witty remark goes *HERE*
Mesa, AZ ...!sun!sunburn!dover!waters *
OR moto at cad.Berkley.EDU *
More information about the Comp.unix.wizards
mailing list