Subject:
|
Re: Automated password appraisal (Re: New feature: Article rating)
|
Newsgroups:
|
lugnet.admin.general
|
Date:
|
Thu, 30 Mar 2000 23:29:07 GMT
|
Highlighted:
|
(details)
|
Viewed:
|
3793 times
|
| |
|
|
In lugnet.admin.general, Todd Lehman writes:
> In lugnet.admin.general, Larry Pieniazek writes:
> > > A couple questions about its structure...I don't know if you can answer
> > > these but it seems like you could maybe: Without giving away any hints
> > > about what it was, why did you think it was risky?
> >
> > If I even say that I can't answer without giving a hint, that's a hint.
> >
> > Therefore: I can't answer without either giving or not giving away hints
> > as to what it is. :-(
>
> Bummer -- that makes me suspect that it really truly is a horrible password
> then (as you surmised, and pointed out to your coworker). Yet it passed,
> which makes me nervous.
>
> Welp, if you someday are able to convince your coworker that this particular
> password was indeed bad, causing it to get abandoned, I'd love to know what
> it was (if that still doesn't hurt your security), so I can see what its
> flaw was/is and see if I'm missing something fundamental in the tests.
I can say this much. It's not your tests. It's the context.
Just like your tests give (hypothetically speaking) Lugnet123 a so so score
because Lugnet isn't a word, but we know that lugnet isn't a very good root for
a password to lugnet because that's the context.
helps?
++Lar
|
|
Message has 1 Reply:
Message is in Reply To:
309 Messages in This Thread:
(Inline display suppressed due to large size. Click Dots below to view.)
- Entire Thread on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
This Message and its Replies on One Page:
- Nested:
All | Brief | Compact | Dots
Linear:
All | Brief | Compact
|
|
|
|
