home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!gatech!wrdis01!kschwab
- From: kschwab@wrdis01.af.mil (kschwab)
- Newsgroups: comp.unix.questions
- Subject: Re: Password generator / checker?
- Message-ID: <2890@wrdis01.af.mil>
- Date: 8 Sep 92 14:25:18 GMT
- References: <1992Sep3.230149.17906@centric.com>
- Organization: 1926CCSG Robins AFB
- Lines: 33
-
- In article <1992Sep3.230149.17906@centric.com> ian@centric.com (Ian Macky) writes:
- >I recently rank the 'crack' program on our firewall machine and had some nasty
- >surprises! Yikes!
- >
- >So, does anyone have a password generator program? The kind that makes 'typable',
- >pronounceable passwords, but ones that are meaningless? I'd like to make it
- >available to my users for those who can't make up random gubbish on their own.
-
- Maybe this is wrong, but if you are going to use an algorithm to make
- passwords, can't the "cracker" use the same algorithm in the RULES file of
- crack ? ( And add a gibberish.dict.Z to the bigdict )
-
-
- >
- >Also, what about a version of the passwd program that applies crack-style rules to
- >the user's choice and refuses to let them enter obviously crackable passwords in
- >the first place?
- >
- >--ian
- Also on the same note, the crack time could be significantly reduced if it
- was obvious that "easy" words and rules could be skipped.
- And if the password is too random and meaningless, the user would most likely
- jot it down everywhere
-
- I think a passwd replacement that has a few rules along with password ageing
- would probably be best. I think I saw this thread in *.security a few weeks
- back.
-
- No Flames intended.
- Admittedly not-a-wizard, just my $.02
- --
- Kerry Schwab
- kschwab@logdis1.wr.aflc.af.mil
-
