From owner-freebsd-questions Sat Feb 28 10:24:18 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA03780 for freebsd-questions-outgoing; Sat, 28 Feb 1998 10:24:18 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from scifair.acadiau.ca (scifair.acadiau.ca [131.162.160.32]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA03766 for ; Sat, 28 Feb 1998 10:24:09 -0800 (PST) (envelope-from miker@scifair.acadiau.ca) Received: from localhost (miker@localhost) by scifair.acadiau.ca (8.8.5/8.8.5) with SMTP id OAA17978; Sat, 28 Feb 1998 14:22:50 -0400 (AST) Date: Sat, 28 Feb 1998 14:22:50 -0400 (AST) From: Michael Richards To: Jan Koum cc: "Eric A. Davis" , LOlayiwola , questions@FreeBSD.ORG Subject: Re: Unix System Security In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, 27 Feb 1998, Jan Koum wrote: > >>A password like: 3%gP)3s would be a good one because it is not > One reason this would not be a good password is if the user can't > remember it is forced to write it down somewhere. In my mind it is better that a user write a password down and carr it on them for a few weeks until they can memorise than picking a dumb password that anyone could guess. One thing I often tell users is to take a phrase or chunks of lyrics from a song that they like, and take some of the letters. That way they can think about the song or whatever and remember their password. ta#ewa2# Now if you knew this password came from something dumb like: There A (hash) EveryWhere A (hash hash) You've now got something you can remember. I guess the method of remembering is user-dependant, but the point is, many many users choose BAD passwords, and something made up of english words is not a good password. -Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message