Re: Password policy.

To: debian-user@lists.debian.org
Subject: Re: Password policy.
From: Brian <ad44@cityscape.co.uk>
Date: Wed, 14 Nov 2018 09:44:05 +0000
Message-id: <[🔎] 14112018093523.d0a297112cbc@desktop.copernicus.org.uk>
In-reply-to: <[🔎] E1gMlGF-0003eA-7F@dalton.invalid>
References: <[🔎] E1gMbT7-0001Ge-TB@dalton.invalid> <[🔎] E1gMlGF-0003eA-7F@dalton.invalid>

On Tue 13 Nov 2018 at 18:50:35 -0800, peter@easthope.ca wrote:

> *	From: Brian <ad44@cityscape.co.uk>
> *	Date: Tue, 13 Nov 2018 18:14:32 +0000
> > OTOH, if a*isvg is known to be the name of your dog.......
> 
> The reference in my enquiry is clear about that.
> https://www.debian.org/doc/manuals/debian-reference/ch04.en.html#_good_password
> Section 4.3.
> "Do not choose guessable words for the password. ...  pets, ... are
>  all bad choice for the password."

My comment was a reference to the reference. :)

> > You are going to have to say what you mean
> > by "brute force",
> 
> https://en.wikipedia.org/wiki/Brute-force_attack

Security is already breached if a password database can be attacked in
that way. A six character (upper and lower case) login password would
take about 500 years to force for someone at the keyboard. This assumes
three seconds per try without coffee breaks.

I'm the cautious type, so use ten character passwords.

-- 
Brian.

Reply to:

Follow-Ups:
- Re: Password policy.
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>

References:
- Password policy.
  - From: peter@easthope.ca
- Re: Password policy.
  - From: peter@easthope.ca

Prev by Date: RE: Verifying dependencins of DEB file(s)
Next by Date: Re: Archiving content of a directory on a DVD-R.
Previous by thread: Re: Password policy.
Next by thread: Re: Password policy.
Index(es):
- Date
- Thread