On Thu, 2004-07-22 at 22:59, s. keeling wrote:
> Incoming from Scarletdown:
> > 
> > An example of a good password (though since I'm posting it here, it can 
> > no longer be considered good) is:
> > 
> I disagree.  A cracking program is going to attempt to match
> permutations of dictionary words.  This will not add much more time to
> reach the solution.  Better is concatenation of two strings that won't
> match a dictionary pattern:
> b1rDW0rm
> > |<  == K
> > >< == X
> > |> == P
> > 
> > Anyone else care to add to this little list?
> Hadn't thought of those.  Cute.
> Apparently, the best is to replace crypt based passwords with RSA
> based, and use longer passwords.

Actually, best actual reasonable password is: to not use one

Use key-based authentication. Personally, I use 2048bit keys for machine
that are considered core/valuable.

Play machines... only get 1024bit. I have a master private key, with
everything being generated as subkeys from that. Yeap, the passphrase
for it is actually purty darn long. It is one of those things you hate
to type in. I really think about how long it is, it just flows from the
hands. Now come to think of it... at least 25 characters long.

Key authentication is by far much more secure than a regular password.

Best part is, you can make it so you only have to type your pass phrase

The technology that is
Stronger, better, faster:  Linux

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to