Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!samsung!rex!uflorida!gatech!emory!dixie.com!meo
From: meo@Dixie.Com (Miles ONeal)
Newsgroups: comp.misc
Subject: Re: (In)security of passwords
Message-ID: <9336@rsiatl.Dixie.Com>
Date: 7 Apr 91 03:41:16 GMT
Organization: Systems & Software Solutions, Inc.
Lines: 29

Using non-letters in place of letters in long words can work well,
too, if you avoid obvious words especially. Try to use a random
substitution scheme as well - otherwise you just end up with a
different set of 26 characters.

Examples:

$+alker (stalker) - not for use by hunters, outdoors types, etc
a!1enate (alienate) - random word for most of us
p0tpurr1 (potpurri) - good password for a macho man

If you combine this with things such as using the recently
suggested quote-1st-letters approach, or the inner parts of
long words (hern0BY| - from chernobyl), mixed case, etc,
you end up with essentially random collections of the printable
parts of the ASCII character set.

Phonetic spellings, uncommon words from the OED or Webster's
Unabridged, that aren't in /usr/lib/dict or wherever - the
possibilities are not infinite, but they are close enough
for most people.

CavenewT is not a good password for a talk.bizarre type.
Secur1+e, while ok, is not the best one for Phil Ronzone.

You get the idea.

-Miles
meo@dixie.com