Slashdot Mirror

← Back to Stories (view on slashdot.org)

Enforcing Crytographically Strong Passwords

Posted by Zonk on from the nd3knsdkh238979103dsw dept.

Saqib Ali writes "The WebAppSec mailing list at SecurityFocus is currently having an interesting discussion on how to force users to use cryptographically strong passwords. The original poster suggested displaying a list of randomly generated password for the user to choose from. Two issues pointed with this concept, were Shoulder surfing and the fact that a bunch of randomly generated passwords are hard to remember. A counter proposal was to use pronounceable but randomly generated password. A full summary of this discussion is available. Any thoughts from slashdotters?"

2 of 429 comments (clear)

  1. Re:Easier to remember random passwords by Infinityis · · Score: 0, Offtopic

    Unless "fat" has four to six characters, I call BS on this story.

    Remember kids, funny doesn't add to your karma, especially when the joke has errors that weren't caught at compile time...

  2. Re:Easier to remember random passwords by Anonymous Coward · · Score: 0, Offtopic

    Note the parent is modded "off topic". Now that's even funnier than the parent!