Re: Password policy.

To: debian-user@lists.debian.org
Subject: Re: Password policy.
From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>
Date: Thu, 15 Nov 2018 03:41:42 +1100
Message-id: <[🔎] 4e8ad689-f02a-5f61-8540-1704244c6c4c@affinityvision.com.au>
In-reply-to: <[🔎] 14112018152616.447b9ec0d9a7@desktop.copernicus.org.uk>
References: <[🔎] E1gMbT7-0001Ge-TB@dalton.invalid> <[🔎] E1gMlGF-0003eA-7F@dalton.invalid> <[🔎] 14112018093523.d0a297112cbc@desktop.copernicus.org.uk> <[🔎] 63d3b9d3-8e7e-0bf5-c680-a5400a74931d@affinityvision.com.au> <[🔎] 14112018110716.ee82c2b95d40@desktop.copernicus.org.uk> <[🔎] 8a1dcb8c-3f1f-44df-6d38-212fb2fcf0cc@affinityvision.com.au> <[🔎] 14112018152616.447b9ec0d9a7@desktop.copernicus.org.uk>

On 15/11/18 2:51 am, Brian wrote:
> And what is the value to an attacker in having /etc/shadow, assuming it
> can be decrypted in a sensible time frame? Remotely logging in? Surely
> not in these days of ssh keys?

Well.... re-use of passwords.

We all know that if you have a username (often times an email address)
and the password used for that username, then there are too many places
where that same credentials might be re-used elsewhere.

A.

Reply to:

Follow-Ups:
- Re: Password policy.
  - From: Brian <ad44@cityscape.co.uk>

References:
- Password policy.
  - From: peter@easthope.ca
- Re: Password policy.
  - From: peter@easthope.ca
- Re: Password policy.
  - From: Brian <ad44@cityscape.co.uk>
- Re: Password policy.
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>
- Re: Password policy.
  - From: Brian <ad44@cityscape.co.uk>
- Re: Password policy.
  - From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>
- Re: Password policy.
  - From: Brian <ad44@cityscape.co.uk>

Prev by Date: Re: how to backup to an encrypted usb drive?
Next by Date: Re: how to backup to an encrypted usb drive?
Previous by thread: Re: Password policy.
Next by thread: Re: Password policy.
Index(es):
- Date
- Thread