Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!clyde.concordia.ca!nstn.ns.ca!news.cs.indiana.edu!att!pacbell.com!ucsd!usc!samsung!munnari.oz.au!uniwa!DIALix!metapro!bernie From: bernie@metapro.DIALix.oz.au (Bernd Felsche) Newsgroups: comp.unix.large Subject: Re: Questions in Large Installation System Administration Message-ID: <1991Feb14.051446.3088@metapro.DIALix.oz.au> Date: 14 Feb 91 05:14:46 GMT References: <1991Feb7.014924.7633@erg.sri.com> <1991Feb07.190832.26048@ariel.unm.edu> Organization: MetaPro Systems, Perth, Western Australia Lines: 30 In <1991Feb07.190832.26048@ariel.unm.edu> dmckeon@hydra.unm.edu (Denis McKeon) writes: >Of course you can enrich the password character mix by doing things like: > 1Bs-Iw! One Bell system - It works! There are pnemonics using digits and alphabetics, like: 0b1ken0b For Star Trek fans 4getful For those who can't remember And other possible combinations of digits which sound like sylables 0,1,2,4,8 and for New Zealanders, 6. (try 6ul-dv8 with an NZer) Use your imagination! Passwords like these are difficult to guess, and are often not obvious, even when written down. It would be extremely difficult to mechanically crack them as well, though not impossible. Generating them would be almost as difficult. One of the best approaches with maintaining good passwords for users is to try to crack the yourself (at off-peak times), using personal data for users. If you crack one, I reckon they should pay you $20. If they forget theirs, it should cost them $5 to get a new one assigned. -- _--_|\ Bernd Felsche #include / \ Metapro Systems, 328 Albany Highway, Victoria Park, Western Australia \_.--._/ Fax: +61 9 472 3337 Phone: +61 9 362 9355 TZ=WST-8 v E-Mail: bernie@metapro.DIALix.oz.au | bernie@DIALix.oz.au