Web lists-archives.com

Re: Password policy.




On Tue 13 Nov 2018 at 18:50:35 -0800, peter@xxxxxxxxxxx wrote:

> *	From: Brian <ad44@xxxxxxxxxxxxxxx>
> *	Date: Tue, 13 Nov 2018 18:14:32 +0000
> > OTOH, if a*isvg is known to be the name of your dog.......
> 
> The reference in my enquiry is clear about that.
> https://www.debian.org/doc/manuals/debian-reference/ch04.en.html#_good_password
> Section 4.3.
> "Do not choose guessable words for the password. ...  pets, ... are
>  all bad choice for the password."

My comment was a reference to the reference. :)

> > You are going to have to say what you mean
> > by "brute force",
> 
> https://en.wikipedia.org/wiki/Brute-force_attack

Security is already breached if a password database can be attacked in
that way. A six character (upper and lower case) login password would
take about 500 years to force for someone at the keyboard. This assumes
three seconds per try without coffee breaks.

I'm the cautious type, so use ten character passwords.

-- 
Brian.