>Passwords aren't dead, and despite what IBM says I don't think they're >going away any time soon. But we need new rules and new guidelines >for managing them; the ones from the 1980s don't work anymore.
Yeah. At this point the issues seem to be, in no particular order: 1. Trivially guessable passwords 2. Password reuse 3. Keyloggers and other password stealing software The various risks depend a lot on the environment, e.g., what's trivially guessable depends on how often you're allowed to guess. R's, John _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
