At 2:27 PM -0800 2/4/99, Steven M. Bellovin wrote:
>In message <[EMAIL PROTECTED]>, Harald Hanche-Olsen writes:
>>As is pointed out in the referenced article, this macro virus only
>>steals the (encrypted) private keyring, and hence private keys are
>>still safe unless the attacker can break the encryption. Which he can
>>easily do with a dictionary search, if the user has been overly
>>simplistic in her choice of pass phrase.
>
>Right. There was a paper presented this morning at NDSS on just how bad
>folks are at picking Kerberos passphrases. In other words, people haven't
>taken advantage of the freedom to use more than eight characters to
>improve their behavior. The same likely applies to PGP.

I did a small survey of PGP users a few years back that also found weak
passphrases are the rule. My paper is at
http://world.std.com/~reinhold/passphrase.survey.asc
There is a lot of bad advice on passphrase picking out there. I put up the
Diceware page http://world.std.com/~reinhold/diceware.html to provide a
prescriptive way for people to create strong passphrases that are
reasonable to remember.

Arnold Reinhold
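To make the contrast in this thread concrete, here is an added example (not Arnold Reinhold's code or anything from the Diceware page): a Diceware-style word picker driven by dice rolls, using a constructed placeholder word list of the real list's size (6^5 = 7776 entries), plus the entropy arithmetic that shows why a passphrase built from one or two dictionary words is within reach of a dictionary search while a handful of dice words is not.

```python
import math
import secrets
from itertools import product

DICE_PER_WORD = 5                  # Diceware: five dice rolls select one word
LIST_SIZE = 6 ** DICE_PER_WORD     # 7776 entries in a real Diceware list

# Constructed stand-in for the Diceware word list: every five-digit dice key
# (11111 .. 66666) maps to a placeholder word. The real list maps each key to
# a short English word; only the list size matters for the entropy arithmetic.
WORDLIST = {
    "".join(key): f"w{i:04d}"
    for i, key in enumerate(product("123456", repeat=DICE_PER_WORD))
}


def roll_key(dice=DICE_PER_WORD, rng=secrets.randbelow):
    """Roll `dice` dice (CSPRNG by default) and return the lookup key, e.g. '36215'."""
    return "".join(str(rng(6) + 1) for _ in range(dice))


def diceware_passphrase(n_words, wordlist=WORDLIST, rng=secrets.randbelow):
    """Pick n_words uniformly at random from the list via dice keys."""
    return [wordlist[roll_key(rng=rng)] for _ in range(n_words)]


def entropy_bits(n_words, list_size=LIST_SIZE):
    """Entropy of an n-word passphrase chosen uniformly from list_size words."""
    return n_words * math.log2(list_size)


def expected_guesses(bits):
    """Average guesses an attacker needs against a uniform choice: half the keyspace."""
    return 2 ** (bits - 1)


def words_needed(target_bits, list_size=LIST_SIZE):
    """Smallest number of dice words whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))


if __name__ == "__main__":
    # One word from a 100,000-word dictionary: ~16.6 bits, trivially searchable.
    print("dictionary word:", round(entropy_bits(1, 100_000), 1), "bits")
    # Six Diceware words: ~77.5 bits, far beyond a dictionary search.
    print("six dice words: ", round(entropy_bits(6), 1), "bits")
    print("words for 80 bits:", words_needed(80))
    print("sample passphrase:", " ".join(diceware_passphrase(6)))
```

The per-word figure (about 12.9 bits) holds only if the words are chosen by dice or a CSPRNG; a user hand-picking "memorable" words from the same list gets far less.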