On Sun, 17 Mar 2002 20:21:41 -0500
Chris Keelan <[EMAIL PROTECTED]> studiously spake these words to ponder:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Dateline: Sun, 17 Mar 2002 17:04:53 -0800 (PST): laying low until the
> bleeding stops, Ron Bouwhuis <[EMAIL PROTECTED]> transmits:
>
> > Poor password choices - especially for key UIDs such as
> > root - are the true Achilles Heel of *all* systems,
> > regardless of other security measures taken.
>
> Here's my surefire way to create an "unguessable" password:
>
> 1. Pick your second favorite book or movie.
>
> 2. Take the first letter of each word in the title (this only really
> works if you have a longish title).
>
> 3. Take the author's/director's initials (uppercase).
>
> 4. Take the year your edition was printed.
>
> So, for the second book of the Lord of the Rings trilogy, by John
> Ronald Reuel Tolkien: The Two Towers (which isn't any one of my
> passwords), we get:
>
> ttJRRT84 --> 8 characters and definitely not susceptible to a
> dictionary-hash attack. It's also easy to remember, since you just
> sound it out as you type ("Two Towers, John Ronald..." etc.).
>
> You could also vary the sequence so that the author comes first, the
> year comes first, etc. In fact, I recommend this approach if you have
> to change passwords every six months or so--a practice I highly
> encourage. Set all passwords on your system to expire within 90
> days.
>
Chris,
this is probably one of the better password schemes I've heard of. Not bad
at all. Well done...
--
daRcmaTTeR
---------------------------------------------------------------------
If at first you don't succeed do what your wife told you to do
the first time!
Registered Linux User 182496
---------------------------------------------------------------------
7:05pm up 1 day, 13:28, 2 users, load average: 0.28, 1.14, 0.78
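
The four-step scheme quoted above, with its "vary the sequence" rotation, as an added example that is not part of the original messages. The function names are hypothetical; skipping a leading article and using a two-digit year are assumptions read off the "ttJRRT84" result, and the inputs (including the year 1984) are constructed.

```python
from itertools import permutations

# Assumption: a leading article is dropped, since the message derives
# "tt" (not "ttt") from "The Two Towers".
ARTICLES = {"the", "a", "an"}


def scheme_parts(title, creator, year):
    """Return (title initials, creator initials, two-digit year)."""
    words = title.split()
    if words and words[0].lower() in ARTICLES:
        words = words[1:]
    title_part = "".join(w[0].lower() for w in words)         # step 2
    creator_part = "".join(n[0].upper() for n in creator.split())  # step 3
    year_part = f"{year % 100:02d}"                           # step 4
    return title_part, creator_part, year_part


def build_password(title, creator, year):
    """Password in the order used in the message: title, creator, year."""
    return "".join(scheme_parts(title, creator, year))


def rotation_variants(title, creator, year):
    """Every ordering of the three parts, for use at each password change."""
    variants = []
    for combo in permutations(scheme_parts(title, creator, year)):
        candidate = "".join(combo)
        if candidate not in variants:   # identical parts can collide
            variants.append(candidate)
    return variants


def too_short(password, minimum=8):
    """Flag results under the 8 characters the message's example reaches."""
    return len(password) < minimum


if __name__ == "__main__":
    # Constructed inputs: the message's book, then a short title that
    # shows why step 2 asks for a "longish" one.
    for title, creator, year in [
        ("The Two Towers", "John Ronald Reuel Tolkien", 1984),
        ("Jaws", "Steven Spielberg", 1975),
    ]:
        pw = build_password(title, creator, year)
        print(pw, "TOO SHORT" if too_short(pw) else "ok",
              rotation_variants(title, creator, year))
```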