Fwd: about accounts file

Tres Finocchiaro tres.finocchiaro at gmail.com
Sun Aug 25 13:10:49 EDT 2013


And similarly, if your argument, that all passwords must be difficult to
type and must be near impossible to read over the shoulder or else they are
REALLY BAD, which in turn makes the user STUPID seems naive and ignorant to
any basic  practical, efficient, easy to remember methods of memorization.

The password:

"Eth at ngoesoutofh1swaytocr3ategreatpasswords!"

Is more complex than your example and not subject to a common rainbow
attack.  In addition, also requires less memorization to retain, since it
relies on relational ideas in our of long term memory.  To call someone
stupid for choosing this password seems a big harsh on a percentage of the
population that's going to *better* lengths to secure their data.  Stating
"password1" is stupid is accurate for several reasons, however, does that
in turn make all easily retainable passwords stupid as well?  I for one
tend to choose something closer to a sentence over hard to type and
remember character strings?  Am I and most people I know doing it wrong?
Is there something about passwords WE are naive to?
On Aug 25, 2013 12:50 PM, "Ethan Blanton" <elb at pidgin.im> wrote:

> Matthias Apitz spake unto us the following wisdom:
> > $ echo 'Oj4=puC/8jq' | openssl enc -base64
> > T2o0PXB1Qy84anEK
>
> If your assertion is that someone will remember Oj4=puC/8jq but not
> T2o0PXB1Qy84anEK, then your argument has descended into the realm of
> the absurd.  To effectively snatch either one they're going to have to
> either see it for a long time, see it many times, or take some sort of
> photo/record.
>
> Ethan
>
> _______________________________________________
> Support at pidgin.im mailing list
> Want to unsubscribe?  Use this link:
> http://pidgin.im/cgi-bin/mailman/listinfo/support
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pidgin.im/pipermail/support/attachments/20130825/63021116/attachment.html>


More information about the Support mailing list