> -----Original Message----- > From: [email protected] [mailto:[email protected]] > On Behalf Of Ulrich Windl > Sent: Thursday, December 17, 2009 1:27 PM > To: [email protected] > Subject: RE: minimum password length check > > On 17 Dec 2009 at 0:55, [email protected] wrote: > > > Essentially what you are saying is that we haven't implemented the > > secret's bit randomness calculation to check if has atleast 96bits of > > entropy. > > > > No, I just wanted to point out that the quality of a secret key cannot > simply be > measured with "strlen(password)", and that 96 bits of randomness may > require a > longer string as one might initially have guessed. >
Right I get you right then.. Don't want to rework on getting the entropy of the secret. Do you mind open-sourcing it so we could do the checks as I detailed in the previous mail? Thanks, Shyam -- You received this message because you are subscribed to the Google Groups "open-iscsi" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/open-iscsi?hl=en.
