This is near and dear to my heart so I had to evangelize: http://www.baekdal.com/tips/password-security-usability
I disagree only slightly in that - lookup tables for any password less than 12 characters are readily available - devices can be tried several hundred times a second The counter argument: - If the attacker has physical access to the device or database in the first place, all bets are off And, of course, the best password is the one that you can stick on the sticky note and no one will be any the wiser: "Call John at 6:30" "Meeting on Tuesday" "mail dropoff before 5" AJ ONeal
-------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info (unsubscribe here): http://uug.byu.edu/mailman/listinfo/uug-list
