[Mailman-Users] A Vote Against Passwords
Chuq Von Rospach
chuqui at plaidworks.com
Thu Aug 3 06:50:32 CEST 2000
At 3:29 PM -0700 8/2/00, Dan Mick wrote:
>It's trivial to save a four-character password, and it's reasonable
>to expect a mailinglist member to do it.
This is one of the password's serious weaknesses. The passwords,
being random letters, are impossible to remember. So they get tossed.
Better would be to build a table of four letter words, and creating
passwords on combining two of them. It'd still be effectively
impossible to crack, even if the cracker had the list, and it'd be a
lot easier on the user.
> > Myself I never bother saving password requests because often I am on and
>> off a list within the month anyway and if I'm on it for more than a
>> month I'm there to stay.
>I sure hope you save the unsubscribe instructions and any optional
>passwords *some*where, so that you can unsubscribe yourself as
I tell people not to save the password, but to save the place where
they can get the password sent to them when they need it. why save
the password? simply save the listinfo page URL, and you can have it
sent to you at any time, and you don't risk security breaches nearly
Chuq Von Rospach - Plaidworks Consulting (mailto:chuqui at plaidworks.com)
Apple Mail List Gnome (mailto:chuq at apple.com)
And they sit at the bar and put bread in my jar
and say 'Man, what are you doing here?'"
More information about the Mailman-Users