From: frantz@netcom.com (Bill Frantz)
To: cypherpunks@toad.com
Message Hash: a9e5ae6463d5802d29f001745c9491400da9ac3eecec056eb8ccd030bf63f64b
Message ID: <199604181945.MAA22450@netcom9.netcom.com>
Reply To: N/A
UTC Datetime: 1996-04-19 00:28:03 UTC
Raw Date: Fri, 19 Apr 1996 08:28:03 +0800
From: frantz@netcom.com (Bill Frantz)
Date: Fri, 19 Apr 1996 08:28:03 +0800
To: cypherpunks@toad.com
Subject: Re: Spaces in passwords
Message-ID: <199604181945.MAA22450@netcom9.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
>Ben Rothke writes:
>> Do spaces (ASCII 20) in passwords make them less secure?
>
>Of course not. In a normal Unix password, adding spaces to the
>password search space increases the search space, so it necessarily
>makes the search harder.
I used to recommend that passwords be a phrase of at least 15 characters.
Spaces fall naturally into that model. If your spelling is as bad as mine,
then your password is resistant to dictionary attacks.
However, then I discovered that there are many brain damaged systems which
restrict passwords to 8 characters. (e.g. IBM's VM/ESA, Netcom's UNIX)
For those systems, I can only parrot the conventional wisdom, no words,
include numbers and/or punctuation, no acronyms, include both upper and
lower case, etc. etc.
------------------------------------------------------------------------
Bill Frantz | The CDA means | Periwinkle -- Computer Consulting
(408)356-8506 | lost jobs and | 16345 Englewood Ave.
frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA
Return to April 1996
Return to “frantz@netcom.com (Bill Frantz)”
1996-04-19 (Fri, 19 Apr 1996 08:28:03 +0800) - Re: Spaces in passwords - frantz@netcom.com (Bill Frantz)