× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. November 1997

RE: How to preserve password change date

Hi, Booth
At 07:08 PM 11/20/97 -0500, you wrote:
>on 11/20/97at 07:15 AM, the Great and Grand  Wazir "Kahn, David (kahn)"
><KAHN@tengizchevroil.com> said:
>
>
>The best defence against a dictionary attack is to set the system value
>QPWDRQDDGT to 1, to prevent plain English words being used. Try to devise
>a scheme using a combination of the QPWD* system values to enforce robust
>passwords without alienating your users by making it next to impossible
>to generate a memorisable valid password.
>
>What are good, useful tips to give to users to help them with their choice
>in passwords? Perhaps we can compile a handy-dandy list to be passed out? 
>My favorite tip is:
>
>- Use the first letter from each word in an easily memorized phrase.  For
>example: "I am John, aged 32" would become  "IaJa32".

I replace letters in a common word or name with a "similar" numeral. E.g.,
"o" becomes "0". The user defines what is "similar". "whatever" could
become "w49t3v3r", where "h" is "4" upside-down, "a" can be seen as
something like a "9", "3" is like a capital "E" in a mirror. Or, making "v"
a Roman numeral, we get "w49t353r".

I'm working, occasionally, on a porting a program that generates
"semi-pronounceable" passwords. It's standard stuff in Unices—called pwgen.
Could be used as part of an exit program from setting passwords, maybe.

Cheers

Vernon Hamberg
Systems Software Programmer
Old Republic National Title Insurance Company
400 Second Avenue South
Minneapolis, MN 55401
(612) 371-1111 x480


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to "MIDRANGE-L@midrange.com".
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.