[Dshield] Password Strength

James Riden j.riden at massey.ac.nz
Mon Oct 18 02:56:39 GMT 2004


Shane Presley <shane.presley at gmail.com> writes:

> Hello,
>
> Thanks to the list for all their help with my previous questions. 
> Here's my latest.
>
> We have some new passwords being proposed for some unix accounts.  We
> use two factor for normal users.  But these are the root accounts. 
> They're locked away for emergency so use, but we still need them.  Are
> there any standards to test the strength?  So far they are all:
>
> -8 or more characters
> -Upper and lower case
> -Include special characters
> -Are not based on any word
>
> Anything else? Is there any sites/tools to test a password's relative
> strength?  So far all I know of is crack.

'john the ripper' - http://www.openwall.com/john/

cheers,
 Jamie
-- 
James Riden / j.riden at massey.ac.nz / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/




More information about the list mailing list