[TriLUG] Securely and Accurately transmit passwords

MG mgmonza at gmail.com
Tue Oct 2 12:40:45 EDT 2007


Oddly enough, CBC (Canadian news) ran an article on password security today:

http://www.cbc.ca/news/background/tech/passwords.html



Jeremy Portzer wrote:
> Chris Knowles wrote:
>
>   
>> Recently we've started seeing that they've taken these cards, taped them
>> into their laptops in plain sight.  (And occasionally annotated them
>> with much too much information as to what that password would buy you.)
>>
>> Since the passwords are complex, phone conversations tend to lead to a
>> lot of phonetic spelling and shouting.  
>>     
>
> Maybe the problem is the passwords are TOO complex requiring all but the 
> most anal sysadmin to refer to a written reference?  Maybe you could 
> consider simplifying them a bit so people can more easily remember them? 
>   E.g. something like "2 of the 3:  digit, capital letter, or symbol." 
> Something like "Must contain at least 2 of each:  digit, capital 
> letters, and symbols" is much harder to deal with.
>
> Also, do users pick their passwords or do you pick them arbitrarily?
>
> There are a lot of 'social' aspects to password complexity schemes that 
> are interesting to study.  I don't know the state-of-the-art here.
>
> --Jeremy
>   



More information about the TriLUG mailing list