John Meyer wrote: > Robin Laing wrote: >> Harold Fuchs wrote: >>> On Tuesday, January 23, 2007 4:57 PM [GMT+1=CET], >>> Dan Lewis <[EMAIL PROTECTED]> wrote: >>> >>>> Comments inline. >>> The only real way to defeat a dictionary attack is to destroy the >>> encrypted document after <x> failures (x = 3, 5 ?) and hope the attack >>> isn't lucky within that <x>. One can also delay things considerably by >>> saying "after <x> failed attempts you can't try again for <n> minutes". >> I think that this should be the default. Of course if someone wishes, >> they could write an application to get around this limitation so we are >> back to a good algorithm to encrypt the data. >> >> > Three strikes and you're out. Now I think that might make some people > pay attention. I don't think you'd like to have two years worth of work > go up in smoke. > But then, people would go towards the easiest thing they could: writing > the passwords on their desk, and we're back to where we were before.
What about using a keypair or x.509 certificate to encrypt documents? You only need to remember the passphrase for the key/cert, and your documents are secured. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
