Pedantic comment in line.
""Howard C. Berkowitz"" <[EMAIL PROTECTED]> wrote in message
news:p05001943b67a45feb3c2@[63.216.127.98]...
> >Ray,
> >
> >I think there is a misunderstanding. What he said was non alphanumeric
> >(something other that letters and numbers).
> >What I think he means is characters such as !@#$%^&*(), and others.
> >Alphabetic characters, numbers, and especially mixed case are very much
> >recommended for security, BUT, I can understand the problems associated
with
> >a user not remembering that he had the 3rd letter of his cat's name
> >capitalized.
> >
> >My $ 0.02
> >
> >Brad
>
> Hope it's not getting too far afield, but there are some tricks for
> getting strong but memorable passwords.
>
> The passphrase is good. Remember some natural-language phrase such as
>
> "Ciscos that aren't fish aren't kosher"
>
> and use the first two letters of each word, capitalizing the first:
>
> CiThArFiArKo
>
> or even only capitalize the letters that normally would be capitalized:
>
> "John Chambers, router jockey"
>
> JoCarojo
Howard - Your jockey's fallen at the second hurdle, but I get the idea I
think ;-)
Some of us have trouble remembering our date of birth - MCMLXIV
>
> You can strengthen any of these, assuming the strings are varying
> length, by splitting the passphrase into two and putting one or more
> numeric digits at the center. Passwords with numbers at the beginning
> or end are a bit easier to guess.
>
> There are other tricks that could work with specific people. Without
> getting specific, my personal passwords come from a background in
> biochemistry, and tend to be formulas with deliberate errors in them.
>
> The Department of Defense/NSA password management guide at
> http://www.fas.org/irp/nsa/rainbow/std002.htm is quite well written
> and gives insights into the relative strength of passwords.
> >
> >-----Original Message-----
> >From: Ray Mosely [mailto:[EMAIL PROTECTED]]
> >Sent: Thursday, January 04, 2001 9:14 AM
> >To: studygroup
> >Subject: RE: Electrical and General knowledge
> >
> >
> >Sorry, if I understand your comments on passwords,
> >I must disagree. Username passwords should contain
> >non-alphabetic characters. This doesn't effect Cisco,
> >because so far no one seems to have created the right
> >software to hack the secret password hash.
> >
> >However, the Cisco secret password hash is similar to
> >Microsoft's, and l0pht has long ago created a brute
> >force hack. I ran the l0pht crack on my userlist 2
> >months ago.
> >
> >The only passwords that were NOT cracked were mine and
> >my student worker's. Both had non-alphabetic characters.
> >
> >Ray Mosely
> >CCNA, MCSE
> >
> >-----Original Message-----
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
