spencer at lasermount.uklinux.net
Wed Feb 18 06:54:18 PST 2004
On Wed, 18 Feb 2004 00:49:06 -0700, ken_i_m at elegantinnovations.net wrote:
> On Wed, Feb 18, 2004 at 12:50:22AM -0600, Charles Winebrinner
> (cwinebrinner at lmtc.net) wrote:
> > But, for instance, if it's a system with a lot of users and someone
> > somehow gains access to the log, then that could be a major problem,
> > because there are a lot of people that use the same password for
> > everything. If the hacker can associate their usernames on the machine
> > to external accounts, then he will have complete access to all of
> > their other accounts.
> Getting users to follow good password practice is a _hard_problem_.
The two major problems that I can think of immediately are:
1) Making sure passwords are not 'obvious'. The definition of 'obvious' is
open to some debate, but at the very least it should include lookup in a
large dictionary (preferably multi-lingual), and disallowing pure-alpha or
pure-numeric passwords (as a simple attempt to eliminate pet names or
2) Avoiding the 'necessity' that some users seem to have to write their
passwords down in an easily accessible place. Making passwords easily
memorizable is an important factor here.
One solution to (1) might be to force users to use generated passwords -
either ones that are given to them when the account is first set up, or
else setting up the password change program so that it generates suggested
passwords and allows them to pick one, but doesn't allow them to enter one
of their own.
But if you implement that suggestion, you have to make sure that problem
(2) is solved. One way is to use a password generator that generates
'English-like' (or 'Spanish-like' or 'Russian-like' or ... you get the
idea) pronounceable passwords.
There are such programs available (googling for 'password generator' turns
up several). I remember the SET PASSWORD command on VMS used to include an
option (/GENERATE, IIRC) to do the same thing, and the suggestions it gave
even showed how they could be pronounced.
Of course, the method used to generate the passwords would need to be
capable of generating a large number of passwords, in order to make
dictionary attacks as hard as possible. For instance, an algorithm that
simply joined together three short (two- or three-letter sections) of text
would be virtually useless if it only had ten different values to choose
from for each part (giving just 1000 possible passwords), but would be
more useful if supplied with 1000 or 10000 such values (giving 10^9 and
Apologies for rambling on so, this started out as just a couple of quick
thoughts and kind of grew from there :)
<<< Eagles may soar, but weasels don't get sucked into jet engines >>>
2:17pm up 68 days 20:48, 18 users, load average: 0.00, 0.02, 0.22
Registered Linux User #232457 | LFS ID 11703
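An added example (not from the thread) illustrating both points of the message above: a syllable-joining generator of the kind described, with the search-space arithmetic from the 10-versus-1000-values comparison, plus a toy "obvious password" check. The syllable inventory and the small dictionary are constructed assumptions; a real deployment would use a much larger, language-tuned part list and a full word list.

```python
import math
import secrets
import string

# Constructed syllable inventory (assumption): consonant+vowel pairs are
# pronounceable building blocks; here 14 * 5 = 70 parts to choose from.
CONSONANTS = "bdfgklmnprstvz"
VOWELS = "aeiou"
SYLLABLES = [c + v for c in CONSONANTS for v in VOWELS]


def search_space(values_per_part: int, parts: int) -> int:
    """Distinct passwords when each of `parts` sections is drawn from
    `values_per_part` choices: 10 values over 3 parts gives only 1000."""
    return values_per_part ** parts


def entropy_bits(values_per_part: int, parts: int) -> float:
    """log2 of the search space, i.e. the work an offline guesser faces."""
    return parts * math.log2(values_per_part)


def generate_pronounceable(parts: int = 3, digits: int = 2) -> str:
    """Join random syllables (CSPRNG via `secrets`), then append digits so the
    result is neither pure-alpha nor pure-numeric (problem 1 in the message)."""
    word = "".join(secrets.choice(SYLLABLES) for _ in range(parts))
    suffix = "".join(secrets.choice(string.digits) for _ in range(digits))
    return word + suffix


def is_obvious(password: str, dictionary: set) -> bool:
    """Toy policy check: reject dictionary words and pure-alpha or
    pure-numeric strings. `dictionary` is lower-cased words."""
    lowered = password.lower()
    if lowered in dictionary:
        return True
    if password.isalpha() or password.isdigit():
        return True
    return False


if __name__ == "__main__":
    for n in (10, 1000, 10000):
        print(n, "values/part ->", search_space(n, 3), "passwords,",
              round(entropy_bits(n, 3), 1), "bits")
    candidate = generate_pronounceable()
    print("suggested:", candidate, "obvious?", is_obvious(candidate, {"password"}))
```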