From: alano@teleport.com (Alano@teleport.com)
To: cypherpunks@toad.com
Message Hash: 6d1ff51a9511c1168f8c41774472ca8a63983af21848054f5ef70b90ca5ff178
Message ID: <9509201546345375@ci.diamond-bar.ca.us>
Reply To: N/A
UTC Datetime: 1995-09-20 23:27:05 UTC
Raw Date: Wed, 20 Sep 95 16:27:05 PDT
From: alano@teleport.com (Alano@teleport.com)
Date: Wed, 20 Sep 95 16:27:05 PDT
To: cypherpunks@toad.com
Subject: [COMP.SECURITY.UNIX] ADVICE ON PASSWORD SECURITY GUIDELINES
Message-ID: <9509201546345375@ci.diamond-bar.ca.us>
MIME-Version: 1.0
Content-Type: text/plain
Date: Wed, 30 Aug 1995 20:55:24 -0700
To: cypherpunks@toad.com
From: alano@teleport.com (Alan Olsen) (by way of Alan Olsen <alano@teleport.com
Subject: [comp.security.unix] Advice on password security guidelines
I found this on alt.humor.best-of.usenet. It seemed like something that
would be appreciated here. (And it is not that far off topic.)
Enjoy!
-----------------------------------------------------------
In alt.humor.best-of-usenet, Artur Pioro <artur@thp2.if.uj.edu.pl>
wrote:
>From: Paul Ashton <paul@argo.demon.co.uk>
>Newsgroups: comp.security.unix
>Subject: Advice on password security guidelines
>Hi,
>my boss has asked me for comments and improvements on his new password
>security policy. To me, it seems a bit severe. If anyone can offer any
>additional suggestions please do, here goes...
>For immediate issue:
>Password changing guidelines V2.2b
>Due to new security policies, the following guidelines have
>been issued to assist in choosing new passwords. Please follow
>them closely.
>Passwords must conform to at least 21 of the following attributes.
>1. Minimum length 8 characters
>2. Not in any dictionary.
>3. No word or phrase bearing any connection to the holder.
>4. Containing no characters in the ASCII character set.
>5. No characters typeable on a Sun type 5 keyboard
>6. No subset of one character or more must have appeared on
> Usenet news, /dev/mem, rand(3), or the King James bible (version 0.1alpha)
>7. Must be quantum theoretically secure, i.e. must automatically change
> if observed (to protect against net sniffing).
>8. Binary representation must not contain any of the sequences 00 01 10 11,
> commonly known about in hacker circles.
>9. Be provably different from all other passwords on the internet.
>10. Not be representable in any human language or written script.
>11. Colour passwords must use a minimum 32 bit pallette.
>12. Changed prior to every use.
>13. Resistant to revelation under threat of physical violence.
>14. Contain tissue samples of at least 3 vital organs.
>15. Incontravertible by OJ Simpsons lawyers.
>16. Undecodable by virtue of application of 0 way hash function.
>17. Odourless, silent, invisible, tasteless, weightless, shapeless, lacking
> form and inert.
>18. Contain non-linear random S-boxes (without a backdoor).
>19. Self-escrowable to enable authorities to capture kiddie-porn people
> and baddies but not the goodies ("but we'll only decode it with a
> court order, honest").
>20. Not decryptable by exhaustive application of possible one time pads.
>Due to the severity of the restrictions, if the password is entered
>incorrectly 3 times at login time, you will be asked if you would like to
>pick a new one.
>Please add guidelines to the above and adjust the minimum conformation
>requirement, if applicable.
>--
>Moderators accept or reject articles based solely on the criteria posted
>in the Frequently Asked Questions. Article content is the responsibility
>of the submittor. Submit articles to ahbou-sub@acpub.duke.edu. To write
>to the moderators, send mail to ahbou-mod@acpub.duke.edu.
| Spam is the Devil's toothpaste! | alano@teleport.com |
|"It's only half a keyserver. I had to split the | Disclaimer: |
|other half with the government man." - Black Art | Ignore the man |
| -- PGP 2.6.2 key available on request -- | behind the keyboard.|
| http://www.teleport.com/~alano | <fnord> |
Return to September 1995
Return to “alano@teleport.com (Alano@teleport.com)”
1995-09-20 (Wed, 20 Sep 95 16:27:05 PDT) - [COMP.SECURITY.UNIX] ADVICE ON PASSWORD SECURITY GUIDELINES - alano@teleport.com (Alano@teleport.com)