[unisog] [Fwd: Is the current password std flawed?]
Cooper F. Nelson
cnelson at ucsd.edu
Fri Feb 25 22:35:24 GMT 2005
I've migrated away from passwords in the last year and have focused
exclusively on using public/private key authentication. All the servers
I administer have interactive logins disabled by default. I only keep a
password on my account so I can login from the console. All system
accounts, including root, have their password locked.
When one must use a password, consider mixing a typical mnemonic passwd
mixed into a pass phrase.
"Abandon all hope, \//h0Ev3r enters here"
or use a conveniently dead language that you spent three years studying
in high school...
"Potius mori quam F0eD at r1!"
Not much harder to remember or type than a standard password, but much
More information about the unisog