On 17 Dec 2009 at 16:08, [email protected] wrote: > > -----Original Message----- > > From: [email protected] [mailto:[email protected]] > > On Behalf Of Ulrich Windl > > Sent: Thursday, December 17, 2009 1:27 PM > > To: [email protected] > > Subject: RE: minimum password length check > > > > On 17 Dec 2009 at 0:55, [email protected] wrote: > > > > > Essentially what you are saying is that we haven't implemented the > > > secret's bit randomness calculation to check if has atleast 96bits > of > > > entropy. > > > > > > > No, I just wanted to point out that the quality of a secret key cannot > > simply be > > measured with "strlen(password)", and that 96 bits of randomness may > > require a > > longer string as one might initially have guessed. > > > > Right I get you right then.. > > Don't want to rework on getting the entropy of the secret. Do you mind > open-sourcing it so we could do the checks as I detailed in the previous > mail?
I don't have the code you are looking for, because what I have is Perl, and it does _create_ random secrets following a pattern, optionally outputting the estimated bits of randomness. Originally written to create similar, but different, not very obvious root passwords for a set of similar machines. Something completely different... Regards, Ulrich -- You received this message because you are subscribed to the Google Groups "open-iscsi" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/open-iscsi?hl=en.
