[Pkg-shadow-devel] Bug#386818: [passwd] Manpage suggests
insufficient password picking method
Helge Kreutzmann
debian at helgefjell.de
Sun Sep 17 13:59:00 UTC 2006
Hello,
On Sun, Sep 10, 2006 at 02:24:33PM +0200, Simon Brandmair wrote:
> Package: passwd
> Version: 1:4.0.18.1-1
> Severity: wishlist
>
> The manpage of passwd suggests following method to pick a password: "Your
...
> I would suggest a this method: 'This can be accomplished by picking two
> (longer) words, appending their first three characters together and separating
> each with two special characters or digits. For example, pick "summer" and
> "beach", your password could be "sum%9bea".'
I would support suggesting the method of "first letters". Here you
choose a sentence, like "Debian works on 11 architectures for me" and
use the first letters, e.g. Dwo11afm. You could also include
substitutions like a->@ or 1->l. Then this could become Dwoll at fm. This
method of defining a password is common security advise.
Greetings
Helge
--
Dr. Helge Kreutzmann debian at helgefjell.de
Dipl.-Phys. http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
Help keep free software "libre": http://www.ffii.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20060917/fbe3e812/attachment.pgp
More information about the Pkg-shadow-devel
mailing list