Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!uflorida!novavax!proxftl!twwells!bill From: bill@twwells.uucp (T. William Wells) Newsgroups: comp.unix.wizards Subject: Re: Worm/Passwords Message-ID: <220@twwells.uucp> Date: 27 Nov 88 11:40:22 GMT References: <22401@cornell.UUCP> <4627@rayssd.ray.com> <251@ispi.UUCP> <205@twwells.uucp> <8981@smoke.BRL.MIL> Reply-To: bill@twwells.UUCP (T. William Wells) Organization: None, Ft. Lauderdale Lines: 41 In article <8981@smoke.BRL.MIL> gwyn@smoke.BRL.MIL (Doug Gwyn ) writes: : In article <205@twwells.uucp>, bill@twwells.uucp (T. William Wells) writes: : > Save yourself some effort. Go hunt up a `travesty' program. (I think : > that was the name.) I recall seeing them in some computer magazines in : > the last year or so, and didn't I see one get posted? You ought to : > be able to modify one to create pronouncable passwords with only a : > little effort. : : [A travesty of my message] :-) : Which pretty much sums it up. (The above was created via : "travesty 2", which is the minimum practical scope. Larger : values produce a very high percentage of actual English words.) Here are the words from your travesty that might do as passwords: creater crecable crecall huncall lassword lithat magazin modidnt onesty ourself passwort programe prograve pronough reater recable seeine sompute somputed traves traveste wassword wasswort withated wittle yought youncabl youncall yoursee (I got a few chuckles making up meanings for some of these, though at least one is actually a valid English word. Say, what's a `huncall'? Loot! Loot! Loot! :-) These were obtained by removing punctuation and words shorter than six letters, truncating words longer than 8 letters, and deleting words that `spell' accepted. As you can see, many of these would make easily pronounceable passwords. Using a better database might create more or better passwords. And each user could have his own database; this makes knowledge of the travesty algorithm useless for guessing someone's password. --- Bill {uunet|novavax}!proxftl!twwells!bill