[Dshield] Password Strength

Jorge Fernandes jorgefernandes at cmvm.pt
Mon Oct 18 10:56:32 GMT 2004

Since we're talking about password length/strength I'd like your opinion
on Robert Hensing's article:

"Why you shouldn't be using passwords of any kind on your Windows
networks . . . ":
With the corrections he made on his main page:

It concerns the use of pass-phrases instead of passwords and I would
really appreciate your thoughts on the subject.

Best Regards
Jorge Fernandes

-----Original Message-----
From: Chris Brenton [mailto:cbrenton at chrisbrenton.org] 
Sent: segunda-feira, 18 de Outubro de 2004 10:57
To: General DShield Discussion List
Subject: Re: [Dshield] Password Strength


Since you are talking UNIX, you may want to up the minimum length to
10-12 characters. Remember that adding another password character under
UNIX increases the cracking time exponentially, it does not decrease it
like under Windows.  


More information about the list mailing list