-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- David Lodge <[EMAIL PROTECTED]> wrote:
>Quoting Juha-Matti Laurio <[EMAIL PROTECTED]>: >> I think I have seen the results of this survey some years ago too, >> but the results are better this year. > >The big question is, how where the results validated? > >If somebody offered me something for a password, I'd give them any random password like word... > Exactly. I feel the same way about this as Bruce Schneier: "I haven't seen any indication they actually verified that the passwords are real. I would certainly give up a fake password for a bar of chocolate." http://www.schneier.com/blog/archives/2008/04/giving_up_passw.html I don't put a lot of credence into reports like that. :-) - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFID2uPq1pz9mNUZTMRAgUcAJ9SNb4EuWzsSZ9vJvCyR6evYIhJ8QCgrn5U 37Gvezo53yRs4VebuEeUs3E= =Esiw -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.