On 3/26/06, J. Theriault <[EMAIL PROTECTED]> wrote: > ... > Why not just encourage your users to use a "passphrase" instead of a > "password", such as using a (with proper grammar) book/movie quote or > phrase?
excessive typing == unnecessary leaked information and longer auth process (acoustic, profiling, easier pattern discovery, etc.) i don't have a problem supporting a passphrase mode (>16 chars? >32?) but i'd rather not make it the default. (and the default is and must be the most secure and usable path for this to be trustworthy and widely usable) _______________________________________________ p2p-hackers mailing list p2p-hackers@zgp.org http://zgp.org/mailman/listinfo/p2p-hackers _______________________________________________ Here is a web page listing P2P Conferences: http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences