-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/05/2013 01:20 PM, [email protected] wrote: > On Tue, 05 Feb 2013 12:49:44 -0500, Rich Kulawiec said: >> I have a question. Please to consider the following candidate password: >> >> S.3-t=2ga+Zilg59CEkp4 >> >> I'm curious as to how y'all would classify that on a scale of weak-to-strong. > > The answer is "it depends". It's a "strong" password if your threat model > includes rainbow tables and dictionary > attacks and brute force. It's a "insanely weak" password if your thread > model includes keystroke loggers and > people spotting the post-it note on the monitor. >
Aren't all passwords "insanely weak" for threat models that include keystroke loggers and spotting the post-it on the monitor? ~c -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJREVMJAAoJELuLPXMxqTZ/q9sP/RpsJ48LeXFe9nt2wtbp9vQE Y0GWmnLatJDdSX8Q+zHZXAEF2kY5MoxbOkoREh3ZlnFa54pzEN2fMzhOpRBuKnAN dLD7XDXAEP5Y3QNsxpRiiaXZ9ytP2QLh8yNYShQfjXKIdLh5rOjZsCHYhTJqGSKm nL69CvJkvNTMtqFzN9csXs7X8lvFZlKuhYjGUIU5h7Zh6KO9AW/vDCbLUZ9bZoaU vsvq0EheiYV5WDru/48bKJ5HSf28VtGBGAXoGzqPwPFQq5DBK8bFh6TKRmK8rZxB MeUzexk2PKimfjA0aIXZFR6/RBmdDNwCIthaUQzgH2bWBWYnW2Ia+olBZJ3xRPnT 4h94Z5QaK53lziGrg/y0T8HxQX2r6jBav9R/0ivzTZa3r+ylNNaXlNObsUwE30eI HvxqIJFCUmhrZbXqo7pIobtG3jtYsSrI2xO6GW+s4Yk93CfEq+olehYXtsSVV9/g V/FwEr1FU1pCmPNrvkcj+9jIwaxK9XAxYyXJz0t2z7EPZIW15Aos+lWf4J2oYpsL YAhNwHJL+dDDSz+vZ8VhE3n8+ySalZJfBE/x2yBOAvvBen7chBpwhI2i+ZDPjmPC x13OKV1ZdWPl7mO3UV1f2GV9dZ6s+HTdW46JAIZgOlubCZFKDFU3N+kbkIovbAMW WpzcXfG0wVm5HUbLXvX4 =XXYL -----END PGP SIGNATURE----- _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
