Pass-phrases vs. passwords
Eric Dunbar
eric.dunbar at gmail.com
Tue Feb 15 13:52:36 UTC 2005
Even though this comes from a tainted source, it's still an
interesting discussion about the use of "pass phrases" vs. passwords:
"Do you see a pattern here? Pass-phrase LENGTH, not complexity
defeats these attacks. Short, but complex passwords should be shunned
as they are not truly secure anymore and you are deceiving yourself if
you think they are. Long pass-phrases (14 characters or more) are the
future (along with 2-factor or more authN, but that's another blog for
another day) and are the only way to go if you want to ensure that you
won't get hacked via any type of password based attack of any kind."
<http://weblogs.asp.net/robert_hensing/archive/2004/07/28/199610.aspx>
PS FM(y)I What is the password length for *nix systems using the
different (& most common) types of authentication?
More information about the ubuntu-users
mailing list