Simple Password Strength Checker Review Help needed
Aahz
aahz at pythoncraft.com
Wed Jan 27 12:27:47 EST 2010
In article <7xfx5sxbmw.fsf at ruckus.brouhaha.com>,
Paul Rubin <no.email at nospam.invalid> wrote:
>
>From a security point of view, the concept
>of "password strength checking" is pretty dubious. If you want secure
>passwords, generate them from a random number source and assign them to
>the users. Don't have the users make up their own passwords. It's
>relatively (compared to using a computer file exposed to remote internet
>attacks) for users to write down the the random passwords on paper, as
>long as they're a little bit careful. As Bruce Schneier put it:
>
> "My wallet is already a secure container; it has valuable things in
> it, and I have a lifetime of experience keeping it safe. Adding a
> piece of paper with my passwords seems like a natural thing to do."
Actually, I treat my wallet as a source of trouble and only keep
replaceable items in it.
--
Aahz (aahz at pythoncraft.com) <*> http://www.pythoncraft.com/
import antigravity
More information about the Python-list
mailing list