Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!mhuxl!ihnp4!zehntel!hplabs!sri-unix!steve@BRL-BMD.ARPA
From: steve@BRL-BMD.ARPA
Newsgroups: net.unix-wizards
Subject: Re:  Obvious password detector / eliminator
Message-ID: <206@sri-arpa.UUCP>
Date: Fri, 4-May-84 01:15:09 EDT
Article-I.D.: sri-arpa.206
Posted: Fri May  4 01:15:09 1984
Date-Received: Thu, 3-May-84 08:15:41 EDT
Lines: 12

From:      Stephen Wolff <steve@BRL-BMD.ARPA>

Hear, hear!  Let's hear it for concatenated nonsense syllables - or even
non-nonsense syllables; 3 x (3 consonants + 1 vowel), say, and then assume
only 1% of those are - for whatever reason - usable.

	    We use auto-disconnect after three unsuccessful login
	    attempts, so that 6 tries per minute is a generous
	    figure for dial-ups or telnets, even if automated.
	    And we check the bad-login-attempts files every day.

We feel the arithmetic odds against a break-in before detection are tolerable.