Half the stuff I do now every day *was* in the realm of science fiction. <insert sound of Kirk flipping open his communicator>
Doug Hilderbrand | Systems Analyst, Information Technology | Crane Aerospace & Electronics Work: 425-743-8172 | Mobile: 425-835-DOUG(3684) From: Andrew S. Baker [mailto:[email protected]] Sent: Thursday, August 18, 2011 10:43 AM To: NT System Admin Issues Subject: Re: Why not failwords? Until now, this concept has been the realm of science fiction and spy movies. Off-hand, I can't think of any reason not to do it either. I would love to see it implemented in modern OSes, and critical business apps. ASB http://about.me/Andrew.S.Baker Harnessing the Advantages of Technology for the SMB market... On Thu, Aug 18, 2011 at 1:25 PM, Hilderbrand, Doug <[email protected]> wrote: I was just reading all those emails about making hard to crack passwords (Almost but not quite OT: Passwords). I like Steve Gibson's analysis of why long passwords are harder to brute force crack than shorter complex ones. But, I wonder... Why hasn't anyone implemented fail words? Two or more passwords associated with your account or whatever. One you use for normal access and is as hard to crack as you can make it and still be memorable. Then another password that would be easy(er) to crack that triggers some event? Here are a few scenarios I can think of off the top of my head: [] Bank manager forced to open the vault at gunpoint. Use the failword. Opens the vault and rings the silent alarm. [] Someone tries to login to your PayPal or bank account and tries your failword. They get the usual bad password result, but you get a text message on your cell phone. [] Someone tries to unlock your iPhone. They try the failword and it gets locked until you send it a special email or text or 24 hours expire, etc. Is there some reason this is a bad idea? I can't think of any... Doug Hilderbrand | Systems Analyst, Information Technology | Crane Aerospace & Electronics ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin -------------------------------------------------------------------------------- Check out the new Crane Aerospace & Electronics Newsroom! http://newsroom.craneae.com Like us on Facebook! http://www.facebook.com/home.php?#!/pages/Crane-Aerospace-Electronics/163305413682908 We value your opinion! How may we serve you better? Please click the survey link to tell us how we are doing: http://www.craneae.com/ContactUs/VoiceofCustomer.aspx Your feedback is of the utmost importance to us. Thank you for your time. -------------------------------------------------------------------------------- Crane Aerospace & Electronics Confidentiality Statement: The information contained in this email message may be privileged and is confidential information intended only for the use of the recipient, or any employee or agent responsible to deliver it to the intended recipient. Any unauthorized use, distribution or copying of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify the sender immediately and destroy the original message and all attachments from your electronic files. -------------------------------------------------------------------------------- ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
