Your message dated Sun, 10 Sep 2006 15:21:44 +0200
with message-id <[EMAIL PROTECTED]>
has caused the Debian Bug report #386818,
regarding [passwd] Manpage suggests insufficient password picking method
to be marked as having been forwarded to the upstream software
author(s) Tomasz Kłoczko <[EMAIL PROTECTED]>.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
tags 386818 upstream
thanks
Quoting Simon Brandmair ([EMAIL PROTECTED]):
> Package: passwd
> Version: 1:4.0.18.1-1
> Severity: wishlist
>
> The manpage of passwd suggests following method to pick a password: "Your
> password must be easily remembered so that you will not be forced to write it
> on a piece of paper. This can be accomplished by appending two small words
> together and separating each with a special character or digit. For example,
> Pass%word."
>
> This method is not very secure, since many passwords can only be 8 characters
> long. Therefore, I can only use two short words with a combined maximum length
> of 7 charaters (plus a special character). This leads to a limited number of
> possible passwords. Such a password could be vunerable to lexical attacks.
>
> I would suggest a this method: 'This can be accomplished by picking two
> (longer) words, appending their first three characters together and separating
> each with two special characters or digits. For example, pick "summer" and
> "beach", your password could be "sum%9bea".'
I tend to agree. I'm actually not even sure that giving advices here
is really a Good Idea.
Tomasz, what's your feeling here ?
signature.asc
Description: Digital signature
--- End Message ---
