cobaco (aka Bart Cornelis) wrote:
My home pc is protected with a wordbook password for the personal user account. The advantage is that it is easy to type (omitting Caps, interpunction and numbers lessens the movement of the fingers) and still keeps everyone I know from having write access to my files.On Friday 25 March 2005 10:04, Jouke Witteveen wrote:cobaco (aka Bart Cornelis) wrote:On Wednesday 23 March 2005 14:02, Christian Perrier wrote:ok, so how 'long' can the long description be?Tricky..:-) But you can use the podebconf-display-po utility for this (from the po-debconf package). Of course you have to use it in a 80x25 terminal.ok, updated version attached, I pruned it so it fits on 1 screen in a 80x25 terminal (which is better, though that screen does scroll, we really need a better scroll indicator in the dialog frontend :-( )It's still quite big.It fits on one screen which is what countsIs it realy necessary to give such an extended description of a good password?necessary, no, useful yes (IMO) (and really the given discription is pretty much a minimal description of a good password, and how to choose one)I mean, if you do need a good password (ie you're a professional sysadmin) you already know this. If you don't (you're setting-up Debian on a personal pc) you probably won't need one andif you're gonna use passwords at all, you should make sure they're good passwords, otherwise you might as well not bother. (and in any case it being a personal machine won't stop it from being a target these days, almost everyone now has an always one broadband connection) IMO such people shouldn't install a Debian server.As to an admin already knowing this. there's lots of people acting as the admin of networks (in for instance schools, non-profits, small companies, ...) that don't have an ICT-background (they simply happen to be the person with the most ICT-knowhow available), and my experience tells me odds are they won't know (the company I work for does networks for schools, on each school there's 1 or 2 teachers doing the daily admin stuff (such as changing the backup tapes), for about a year I tought the 2-day ICT course they get as part of the package, and they _needed_ to be told) Yes, when, as you say, people don't know what a good password is you must explain.just saying: "Dit is belangrijk, zorg dat je een goed wachtwoord neemt" will make the situation clear too...if you're gonna tell them they need a good password, you should also tell them what that means, it's kinda pointless to start explaining something and then stop halfway. One of the first programs I ever wrote (QBASIC) generates good passwords. You can skip the explanation and just give an _example_ (generated by such a program) of a good password (no more than an example; they must still think of a password themselves). You can also propose to run a C variant of this program to generate a password.('what's a good password', and 'how do you choose one you can still remember are the 2 questions I got asked _every_ single time, when I tought that course) To remember a good password you should type it a thousand times and just learn it by heart. (Old, unmodified source included below for it's sentimental value) But that's just a suggestion. I do not think it's a necessity to change it. It is good as it is, though it can be better. One other question; Why speak english on a dutch list? REM 0-9=48-57; A-Z=65-90; a-z=97-122 sta: PRINT : PRINT "interrelations:": PRINT PRINT "uppercase:": PRINT "lowercase:": PRINT "numbers:" LOCATE CSRLIN - 3, 12: INPUT "", uc% LOCATE CSRLIN, 12: INPUT "", lc% LOCATE CSRLIN, 12: INPUT "", nr% PRINT "---": INPUT "length: ", lh% PRINT : PRINT aga: LOCATE CSRLIN - 2: PRINT : PRINT "password: "; FOR ct% = 1 TO lh% RANDOMIZE TIMER rm% = INT((uc% + lc% + nr%) * RND + 1) RANDOMIZE TIMER IF rm% <= uc% THEN PRINT CHR$(INT(26 * RND + 65)); IF rm% <= (uc% + lc%) AND rm% > uc% THEN PRINT CHR$(INT(26 * RND + 97)); IF rm% > (uc% + lc%) THEN PRINT CHR$(INT(10 * RND + 48)); NEXT ct% PRINT : PRINT "again? "; DO: ky$ = INKEY$: LOOP UNTIL ky$ <> "": PRINT ky$: IF ASC(ky$) = 13 THEN LOCATE CSRLIN - 1 IF ky$ = "y" OR ky$ = "Y" OR ky$ = " " OR ASC(ky$) = 13 GOTO aga PRINT "new password? "; DO: ky$ = INKEY$: LOOP UNTIL ky$ <> "": PRINT ky$: IF ASC(ky$) = 13 THEN LOCATE CSRLIN - 1 IF ky$ = "y" OR ky$ = "Y" OR ky$ = " " OR ASC(ky$) = 13 GOTO sta PRINT "press any key to exit...": DO: LOOP UNTIL INKEY$ <> "" END |