On 04/19/2011 14:35, gnupg-users-requ...@gnupg.org wrote: > Maybe because, since this is the support list for GnuPG, we are all > thinking more about how to protect an encrypted file than about how to > protect a server account. relevance?
what difference does it make if I am discussing a server logon or the password for a .zip? 3 strikes, you're out would be good on the server but for the .zip the delay after bad makes more sense if i delay responding to a bad password for 1 second the speed of your processor become irrelevant: you now need 1000 vm's to get to 1m tries/sec. and there's no real reason i wouldn't make it 10 sec after the 2d bad try, and then 30 min after the 3d -- like the Novell server used to do -- /MIKE
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
