Xref: utzoo alt.security:767 comp.protocols.tcp-ip:11578 alt.sys.sun:953
Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!ucsd!swrinde!cs.utexas.edu!yale!cmcl2!stealth.acf.nyu.edu!brnstnd
From: brnstnd@stealth.acf.nyu.edu
Newsgroups: alt.security,comp.protocols.tcp-ip,alt.sys.sun
Subject: Re: anonymous ftp, and the dangers thereof
Message-ID: <19105:Jun616:44:3190@stealth.acf.nyu.edu>
Date: 6 Jun 90 16:44:31 GMT
References: <1990Apr20.192233.4092@utzoo.uucp> <6721@blake.acs.washington.edu> <1990Jun3.152118.4758@cunixf.cc.columbia.edu>
Reply-To: brnstnd@stealth.acf.nyu.edu (Dan Bernstein)
Distribution: usa
Organization: IR
Lines: 44

In article <1990Jun3.152118.4758@cunixf.cc.columbia.edu> shenkin@cunixf.cc.columbia.edu (Peter S. Shenkin) writes:
[ if passwords are ``good,'' they'll be written down ]
> Not that I have answers....

I have an answer, which I posted to alt.security a few weeks ago but which was obliterated by cmcl2's alt.* distribution. Here's another copy.

---Dan

From: brnstnd@stealth.acf.nyu.edu
Newsgroups: alt.security
Subject: How to get the advantages of all types of passwords
Message-ID: <11082:May1722:49:4990@stealth.acf.nyu.edu>
Date: 17 May 90 22:49:49 GMT
References: <1990May3.211534.11818@Solbourne.COM> <1990May9.185628.9241@utzoo.uucp>
Reply-To: brnstnd@stealth.acf.nyu.edu (Dan Bernstein)
Organization: IR
Lines: 23
X-Original-Subject: Re: Improved password cracker - add a sleep()

User-chosen passwords are easily guessable. Random system-generated passwords are written down all too often. Expired passwords have been shown to make password guessing easier, and they don't provide any advantage.

What's the solution? Mix 'n' match. A password has, say, two parts: one chosen by the user and neither expired nor restricted, one generated randomly by the system and changed periodically (some sizable fraction of a year). The first part is NEVER written down; users are told that if they write down the first part, they'll be drawn and quartered. The second part is almost certainly written down, typically on a piece of paper in the user's desk; users are explicitly told that this is okay.

Because the first part of the password is chosen by the user and never written down, a casual cracker can't find it by just snooping around an office. Because the second part of the password is chosen by the system, brute-force cracking will fail miserably.

I proposed this last year (in u-w) but never saw much response.

---Dan
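The two-part scheme in the post, worked through as an added example (my code, not Dan's): the user part is never stored, only a salted hash of the concatenation is kept, so an offline guesser has to search both halves jointly, and the system part is rotated at the first successful login after it ages out. The 8-character alphanumeric system part and the 120-day rotation period are assumptions, not values from the post.

```python
import hashlib
import hmac
import math
import secrets
import string
from dataclasses import dataclass
from typing import Optional, Tuple

# Assumed parameters (not from the post): 8 random alphanumerics, rotate every 120 days.
ALPHABET = string.ascii_letters + string.digits
SYSTEM_PART_LEN = 8
ROTATION_PERIOD = 120 * 86400  # seconds

@dataclass
class Record:
    salt: bytes
    digest: bytes      # hash of user_part + system_part, never of either part alone
    issued_at: float   # when the current system part was generated

def generate_system_part(n: int = SYSTEM_PART_LEN) -> str:
    """The half the user is allowed to write down, drawn from the system CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(n))

def _digest(user_part: str, system_part: str, salt: bytes) -> bytes:
    # Hashing the concatenation forces a guesser to search both parts at once.
    return hashlib.pbkdf2_hmac("sha256", (user_part + system_part).encode(), salt, 100_000)

def enroll(user_part: str, now: float) -> Tuple[Record, str]:
    """Create the stored record; the returned system part goes on the user's slip of paper."""
    system_part = generate_system_part()
    salt = secrets.token_bytes(16)
    return Record(salt, _digest(user_part, system_part, salt), now), system_part

def login(rec: Record, user_part: str, system_part: str, now: float) -> Tuple[bool, Optional[str]]:
    """Verify a login; on success, rotate the system part if it is due and return the new one."""
    if not hmac.compare_digest(_digest(user_part, system_part, rec.salt), rec.digest):
        return False, None
    if now - rec.issued_at < ROTATION_PERIOD:
        return True, None
    # Rotation can only happen here: the user part is never stored, so it must be re-presented.
    new_part = generate_system_part()
    rec.salt = secrets.token_bytes(16)
    rec.digest = _digest(user_part, new_part, rec.salt)
    rec.issued_at = now
    return True, new_part

def system_part_bits(n: int = SYSTEM_PART_LEN) -> float:
    """Entropy the random half adds to every guess: log2(|alphabet| ** n)."""
    return n * math.log2(len(ALPHABET))
```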