if it's a password a *HUMAN* has to enter, they'll never remember it and probably write it down somewhere which would make it very weak.
If you can 100% guarantee that said human will keep it in a password safe and simply cut and paste it into the password it would be much stronger, to very strong If a HUMAN never has to enter it by hand, and it's only used by a machine, and is encrypted at rest (in code or wherever), then it's very strong. Just my 2 cents :-) Michael P. Blanchard Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE Cyber Security Services EMC ² Corporation 32 Coslin Drive Southboro, MA 01772 -----Original Message----- From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On Behalf Of Rich Kulawiec Sent: Tuesday, February 05, 2013 12:50 PM To: funsec@linuxbox.org Subject: [funsec] While we're all trying to fix politics, economics, etc. I have a question. Please to consider the following candidate password: S.3-t=2ga+Zilg59CEkp4 I'm curious as to how y'all would classify that on a scale of weak-to-strong. Yes, I have a reason for asking, but I'd like to withhold that for the moment in order to gather opinions based on the merits. (And fixing politics, economics, etc.? Simple. When I am Supreme Emperor and Lord of the...what?! Oh man...y'all are no fun at all. Fine. *Fine*. You ingrates will have to do it the hard way.) ---rsk _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
