[dba-Tech] Cross post - Password security

Jim Lawrence accessd at shaw.ca
Thu Aug 11 09:06:22 CDT 2011


Here is a comment for a very good systems guy on that level and type of
password:

"Yep. I saw that. Unfortunately, it is flawed. Reason being that the average
person only has a small vocabulary and therefore this does not increase the
entropy as much as suggested. In fact, a four word password could easily be
cracked within a few days with current CPU/GPU technology. It's a nice idea
though, which does lead to decent password strength if you tweak the idea a
bit with something like putting x many underscores in front of the password
and something like that. A bit like salting your hash function."

Jim


-----Original Message-----
From: dba-tech-bounces at databaseadvisors.com
[mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Stuart McLachlan
Sent: Wednesday, August 10, 2011 2:24 PM
To: 'Off Topic'; 'Discussion of Hardware and Software issues'
Subject: Re: [dba-Tech] Cross post - Password security

Talk about co-incidence.  Today's xkcd: 

http://xkcd.com/936/



-- 
Stuart

On 10 Aug 2011 at 20:57, Jon Tydda wrote:

> Hi all
> 
> Someon'e just posted this on my wall on facebook, and it looks really
> interesting, thought I'd share it.
> 
> https://www.grc.com/haystack.htm
> 
> 
> Jon
> _______________________________________________
> dba-Tech mailing list
> dba-Tech at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/dba-tech
> Website: http://www.databaseadvisors.com
> 



_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com




More information about the dba-Tech mailing list