Homemade special personal characters on nano level to be used in passwords
 

On 11/09/12 11:04, Avi Greenbury wrote:
>>
>> What I meant was passwords which these newest super computers cannot
>> break because there should be an endless number of characters, that is
>> why I call in nano?
>
> There will never be an endless number of characters unless there's an
> infinite length permitted (which there rarely is, and which would be
> unworkable in any case). However long the password is permitted to be
> in bits, there's a maximum of 2^(length) combinations.
>
> The usual way to make passwords more secure is to make it harder to
> try the guesses, rather than harder to construct a list of possible
> combinations. For example, you might make it such that the same user
> may try three different passwords in the space of ten minutes and
> then they're prevented from trying again without manual intervention
> from an administrator.
>
> This does require that the password hashes are kept secret (since
> anyone with the hash can test against it as frequently as they like),
> and the common way for passwords to be compromised is for the list of
> hashes to be.
>
>
>
> If you want to be markedly more secure than can be conveniently
> achieved through normal passwords, generally you'll move up to
> certificates (perhaps with passphrases) which do essentially amount to
> incredibly long passwords.
>

Or you move to two factor authentication where cracking the password is
of no use anyway.

Regards,
Tony.
--
Tony Arnold, Tel: +44 (0) 161 275 6093
Head of IT Security, Fax: +44 (0) 705 344 3082
University of Manchester, Mob: +44 (0) 773 330 0039
Manchester M13 9PL. Email: tony.arnold@manchester.ac.uk

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users