Re: Heh

posted by [identity profile] tosk.livejournal.com at 09:03pm on 26/10/2007
*ding* Windows doesn't happen to have a modern password scheme.

But, most corporations run Windows (I use *nix, but still a lot of the major companies run on Windows). On top of that due to the proliferation of HyperActive Directory al lot of UNIX accounts now have uid/pwd in AD. Thus if you hack AD, you get all the UNIX passwords too. Ptacek is right, when talking about coding for websites, where your password scheme can be homemade and designed on sense.

As for length, I agree... my PGP passphrase has been in the double digits since I started using it. But even that is just a matter of time and technology. Salted passwords help, no doubt, securing anything important 2-factor is a must at this point, as you said. In fact, the PCI requirements for corporations now include 2-factor authentication.
[parent entry] [permalink]

Reply

(will be screened)
(will be screened if not validated)
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting

If you are unable to use this captcha for any reason, please contact us by email at support@dreamwidth.org

 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.

April

SunMonTueWedThuFriSat
        1
 
 2
 
 3
 
4
 
 5
 
 6
 
 7
 
 8
 
 9
 
 10
 
11
 
 12
 
 13
1
 14
 
 15
 
 16
 
 17
 
18
 
 19
 
 20
 
 21
 
 22
 
 23
 
 24
 
25
 
 26
 
 27
 
 28
 
 29
 
 30