Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!samsung!olivea!bu.edu!m2c!wpi.WPI.EDU!ear
From: ear@wpi.WPI.EDU (Eric A Rasmussen)
Newsgroups: comp.org.eff.talk
Subject: Re: Should we let students run COPS to get each other's passwords?
Message-ID: <1991Jun19.043544.15253@wpi.WPI.EDU>
Date: 19 Jun 91 04:35:44 GMT
References: <1991Jun17.144526.16230@ddsw1.MCS.COM> <27141@as0c.sei.cmu.edu> <1991Jun18.205258.25918@cirrus.com>
Organization: Worcester Polytechnic Institute
Lines: 25

In article <1991Jun18.205258.25918@cirrus.com> dhesi@cirrus.com (Rahul Dhesi) writes:
>Checking to make sure that a password used is not in any online word
>lists can be very time-consuming.  It is more efficient to generate in
>advance what I call a LOWNIAL (list of words not in any list).  Ideally
>you would use a modified /bin/passwd program that would accept a
>password only if it was found in the online LOWNIAL, and reject all
>others.

Umm, I hope that was a joke...

Assuming you weren't joking:
----------------------------
1) That's the dumbest idea I've heard all week... If one person get's ahold
of the list, you're screwed.
2) By definition, your list would have to be empty.  As soon as you added a
word to it, it would be in a list and then it would have to be excluded.
3) This would result in no passwords at all.
4) The poor Websters would be up all night coming up with definitions for
'words' like 9xjh;-)6$sH!.

+---------< Eric A. Rasmussen - Mr. Neat-O (tm) >---------+ +< Email Address >+
|   A real engineer never reads the instructions first.   | | ear@wpi.wpi.edu |
|   (They figure out how it works by playing with it.)    | | ear%wpi@wpi.edu |
+---------------------------------------------------------+ +-----------------+
                     ((( In Stereo Where Available )))