Path: utzoo!attcan!uunet!mcvax!unido!infbs!ramz!ruediger
From: ruediger@ramz.UUCP (Ruediger Helsch)
Newsgroups: comp.unix.wizards
Subject: Re: password protection
Message-ID: <836@ramz.UUCP>
Date: 2 Jan 89 16:27:59 GMT
References: <17994@adm.BRL.MIL> <4553@xenna.Encore.COM>
Reply-To: ruediger@ramz.UUCP (Ruediger Helsch)
Organization: TU Braunschweig Mechanikzentrum, Germany
Lines: 13

In article <4553@xenna.Encore.COM> bzs@Encore.COM (Barry Shein) writes:
>
>What I'm saying is to consider using password changing programs which
>enforce some reasonable policy AND educate users why it's being done
>and why not to try and subvert it.
>

Everybody in this discussion speaks over "educating users" and "enforcing
reaonably chosen passwords". Shouldnt we instead support users in chosing
THEIR passwords?
Under this view it may be reasonable to reject too short passwords, but
restricting the password to 8 characters seems stupid. The longer the password
(or sentence) is, the better. And every single bit of it should be used.