[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] guidelines for good password policyand maintenance / user centric identity with single passwords(or a small number at most over time)

To: "James Longstreet" <jlongs2@xxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] guidelines for good password policyand maintenance / user centric identity with single passwords(or a small number at most over time)
From: "<...>" <massimo@xxxxxxxxxxxxx>
Date: Mon, 27 Mar 2006 05:27:16 +0200


On Mar 26, 2006, at 12:12 PM, Anders B Jansson wrote:

And even then they fail the actual user has a gun at his temple.


Frankly, this is true of just about any authentication scheme.


and it will be strong enough for 95% of the world anyway....

maybe having a different "alarm ringing" password could alert somethingwrong is happening could be appropriate


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time)
  - From: coderman
- Re: [Full-disclosure] guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time)
  - From: Anders B Jansson
- Re: [Full-disclosure] guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time)
  - From: James Longstreet