Re: OT: 2d password

Previous thread: OT: 2d password by Kỳ on Sunday, April 19, 2009 - 10:32 pm. (2 messages)

Next thread: auto boot into single mode by Kỳ on Monday, April 20, 2009 - 2:46 am. (4 messages)
From: Anthony M. Rasat
Date: Sunday, April 19, 2009 - 11:20 pm

From: Jelte Jansen
Date: Monday, April 20, 2009 - 1:20 am

Correct me if I'm wrong, for I'm not really up-to-date on password cracking 
algorithms, but I think that keyboard patterns are amongst the things cracking 
tools try before switching to brute force, so in that sense this wouldn't make a 
very strong password.

Jelte
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
From: Tim Clewlow
Date: Monday, April 20, 2009 - 2:00 am

I prefer to use mnemonics / acronyms derived from a phrase, then
add some numbers at the end as salt, eg, the phrase "The code that
never executes at all is the fastest." would become "tctneaaitf123"
- ie, I take the first letter of each word in the phrase, then add
123 at the end. Or you could use the 2nd or 3rd letters (skipping a
word if it does not have that many letters) - the point is there are
other ways to create relatively easily remembered passwords.

Cheers, Tim.

-- 
The code that never executes at all is the fastest.

From: Kỳ
Date: Monday, April 20, 2009 - 2:28 am

On Mon, 20 Apr 2009 10:20:45 +0200

Thank you all for your comments.

In fact, I use generated passwords and public keys to log in to my remote hosts. I also follow some basic rules (e.g., changing passwords regularly). I just need half-generated passwords for some popular purposes (local machines, e.g.). Some good methods are also very useful to help end users protect themselves.

Because it's very hard to remember generated passwords, I stupidly used to use some mathematical function to generate passwords (and kept that function secret). But math functions are not easy to use (they need a computer to generate the password).

Finally I got into 2-D movement on the keyboard as described in my first post. I checked some passwords at http://www.testyourpassword.com/ and saw that some stupid keyboard patterns show a "STRONG" status. I even got the BEST password with some simple moves around symbols and letters.

Though Anthony said "qweasdzxc" is a popular one, I still wonder whether we can use complex patterns on the keyboard. And what tool can help me check password strength?

Regards,

PS: !!WARNING!!

Discussing this topic may cause your habits to be known by others. I don't intend to gather your information. Thank you for your understanding.

-- 
Ky Anh, Huynh
Homepage: http://viettug.org/
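
The question above about checking keyboard patterns, and the earlier remark that cracking tools try such patterns before brute force, can be illustrated with a small policy check. This is an added example, not code from any post in the thread; it assumes a US QWERTY layout approximated as a grid, and all function names are hypothetical.

```python
# Added example (not from the thread): detect keyboard walks on US QWERTY.
# Grid approximation: row stagger is ignored, so q/a/z count as one column.
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl;", "zxcvbnm,./"]
POS = {ch: (r, c) for r, row in enumerate(ROWS) for c, ch in enumerate(row)}
# Shifted symbols are folded back onto the key that produces them.
UNSHIFT = dict(zip("!@#$%^&*():<>?", "1234567890;,./"))


def key_pos(ch):
    """Return (row, col) of the physical key, or None if not on the grid."""
    return POS.get(UNSHIFT.get(ch, ch.lower()))


def adjacent(a, b):
    """True when two characters sit on the same or a neighbouring key."""
    pa, pb = key_pos(a), key_pos(b)
    if pa is None or pb is None:
        return False
    return abs(pa[0] - pb[0]) <= 1 and abs(pa[1] - pb[1]) <= 1


def walk_runs(password, min_len=3):
    """Split the password into maximal runs of adjacent keys; keep long ones."""
    runs, current = [], password[:1]
    for prev, ch in zip(password, password[1:]):
        if adjacent(prev, ch):
            current += ch
        else:
            runs.append(current)
            current = ch
    runs.append(current)
    return [r for r in runs if len(r) >= min_len]


def walk_coverage(password):
    """Fraction of characters that belong to a keyboard walk (0.0 to 1.0)."""
    if not password:
        return 0.0
    return sum(len(r) for r in walk_runs(password)) / len(password)


def is_keyboard_pattern(password, threshold=0.5):
    """Reject when at least `threshold` of the password is keyboard walks."""
    return walk_coverage(password) >= threshold


if __name__ == "__main__":
    # Sample passwords are the ones quoted in the thread.
    for pw in ("qweasdzxc", "tctneaaitf123", "Ildlwe8p"):
        print(f"{pw:15} runs={walk_runs(pw)} coverage={walk_coverage(pw):.2f}")
```

A low walk coverage only means the password is not a keyboard pattern; it says nothing about dictionary words or reuse, which a strength check has to test separately.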
From: Christof Schulze
Date: Monday, April 20, 2009 - 4:17 am

A good way to remember secure passwords was presented in the uptimes magazine a while ago in an article about passwords and their security.

Good passwords contain a lot of entropy.
Also the entropy of letters in the beginning of words seems to be higher than the entropy towards the end of words in western languages.
The proposal that the author Thomas Maus is making is this:

Pick a sentence and take the first character(s) from each word to be your password.

Example:
"I like doing laundry wednesday evening 8pm."

The resulting password would be:
"Ildlwe8p"

It is easy to remember because the sentence is natural language. Also it is fairly easy to come up with.
This article provides some good insights into the effectiveness of password policies. The bottom line is that the way these policies are used today causes weaker passwords because they work against the user. In the end some proposals are made on what to do to obtain better passwords and how to implement a policy for stronger passwords.

Regards


From: illoai@gmail.com
Date: Tuesday, April 21, 2009 - 9:40 am

A jar of peanut butter nearby:
at16g25%Tota
A lantern battery:
ada165Kinca

From: Andrew Milton
Date: Tuesday, April 21, 2009 - 10:14 am

+-------[ illoai@gmail.com ]----------------------
| 
| A jar of peanut butter nearby:
| at16g25%Tota
| A lantern battery:
| ada165Kinca

Sucks when you change your brand...

-- 
Andrew Milton
akm@theinternet.com.au
From: Chuck Robey
Date: Monday, April 20, 2009 - 11:56 am

Actually, if you can use the machine in question only from a central machine,
then the most secure way is to set yourself up to use ssh keys, and then to
remove entirely any passwords at all.  Kinda difficult to crack a machine which
hasn't got any passwords, and ssh keys are a very convenient/secure access
method.  A lot of the folks on this list know about that, because it's the way
that you have to log into your accounts on hub.  Makes things very secure and
very easy.