Tim wrote:
> On Tue, 2006-04-04 at 00:46 -0500, Mike McCarty wrote:
>
>>Should include at least one "special" character.
>
>
> When telling someone that, you really need to define what you mean by
> "special". I know the next bit goes somewhat towards that, but it's
> still a bit too vague. You can also get people trying to use characters
> that can't be used with some password systems. It would really help if
> password systems would accept any character that you can type on the
> keyboard.
IMO, these rules need to be enforced by the password system itself.
So, exactly what constitutes a "special" character should be built
into it, and if an invalid character is detected, then a useful
error message should be generated.
Anyway, I wasn't trying to write out a fully comprehensive set of rules.
I was simply stating what I consider to be the minimum security.
Guidelines, not rules.
Another good guide is:
Enforce changing of passwords on at least a monthly basis.
Do not permit re-use of old passwords.
>>Should not include non-graphic characters (like CR, LF, CTRL-A).
>>Should be at least 6 and preferably over 8 characters long.
>>Should be "rememberable".
>>Should *not* be written down anywhere.
>
>
> The last two being a key problem. By now, I've amassed about a dozen
> passwords that I just cannot remember. Even if I wanted to make
> memorable passwords, too many systems are so limited that you can't
> easily do it (e.g. passwords are too short, etc.). Then there's the
> problem of remembering which password belongs to what account. Writing
> them down, or writing down the reminder trick, becomes the only way to
> do so.
See my other message about writing down.
Mike
--
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Sorry to be off-topic, but could someone tell a total noob what is that all about?
--
A. Helmy
