Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!bloom-beacon!apple!rutgers!cmcl2!adm!xadmx!VINCE%UCONNVM.BITNET@mitvma.mit.edu From: VINCE%UCONNVM.BITNET@mitvma.mit.edu Newsgroups: comp.unix.wizards Subject: Re: Password Aging Message-ID: <17986@adm.BRL.MIL> Date: 29 Dec 88 17:35:12 GMT Sender: news@adm.BRL.MIL Lines: 13 Barry Shein writes: >We just did this, lessee, 100 character set, 8 chars, 100^8, assume >10,000 encryptions per second is a good upper bound (we'll take a >small fraction in a moment) and, lessee, I get 31,709 years, divide by >100 (that's a small fraction, no?) I guess I age my password every 317 >years, oh, what the hell, once per century just to be safe. But a 50 character set gives only 183 years, not 31,709, and if you really use only lower case letters plus a bit (30 chars) your 31,709 years becomes 2 years. Acknowledge-To: