Confocal Microscopy List

Re: Password Strength

Posted by Stephen C. Kempf on
URL: http://confocal-microscopy-list.275.s1.nabble.com/Password-Strength-tp6673797p6674097.html

*****
To join, leave or search the confocal microscopy listserv, go to:
http://lists.umn.edu/cgi-bin/wa?A0=confocalmicroscopy
*****

One thing I've always wondered is why systems can't be set-up so they won't accept more than one password attempt on a given account every 1 sec, 5 sec or whatever. I suppose this might be a problem if large numbers of people had to access the same account, but other than that I would think this would greatly reduce the number of successful hacks. Of course, maybe I'm missing something, if so, enlighten me. (-;{

Steve

On Aug 10, 2011, at 3:12 PM, Guy Cox wrote:

> *****
> To join, leave or search the confocal microscopy listserv, go to:
> http://lists.umn.edu/cgi-bin/wa?A0=confocalmicroscopy
> *****
>
> Martin,
>
>            It's probably right, but 1000 guesses per second would require a connection speed way beyond even what I get on campus to another on-campus computer.  Even 100 per second (one month) seems implausible.  At 10 guesses per second you're looking at 2½ years ... And any system that will allow you 268,435,456 attempts at logging in before it freezes you out is terminally insecure!  (MS exchange allows 5 tries).
>
> The four random words thing is fine provided that (a) only very few do it and (b) the words truly are random.  But if it catches on then all a cracking algorithm has to do is try every combination of dictionary words that add up to the password length, a vastly simpler task.
>
>                                        Guy
>
>
> Optical Imaging Techniques in Cell Biology
> by Guy Cox    CRC Press / Taylor & Francis
>     http://www.guycox.com/optical.htm
> ______________________________________________
> Associate Professor Guy Cox, MA, DPhil(Oxon)
> Australian Centre for Microscopy & Microanalysis,
> Madsen Building F09, University of Sydney, NSW 2006
>
> Phone +61 2 9351 3176     Fax +61 2 9351 7682
>             Mobile 0413 281 861
> ______________________________________________
>      http://www.guycox.net
>
>
>
> -----Original Message-----
> From: Confocal Microscopy List [mailto:[hidden email]] On Behalf Of Martin Wessendorf
> Sent: Thursday, 11 August 2011 5:31 AM
> To: [hidden email]
> Subject: Password Strength
>
> *****
> To join, leave or search the confocal microscopy listserv, go to:
> http://lists.umn.edu/cgi-bin/wa?A0=confocalmicroscopy
> *****
>
> Dear List--
>
> I can't say I've ever sent a link for a webcomic to the confocal list,
> but here goes.
>
> http://xkcd.com/936/
>
> (As far as I know, clicking on this link will not infect your computer
> with a virus or take you to a porn site.)
>
> Anybody able to verify or disprove this?  Intuitively, it makes sense,
> but so do a lot of things that are wrong.
>
> Martin
> --
> Martin Wessendorf, Ph.D.                   office: (612) 626-0145
> Assoc Prof, Dept Neuroscience                 lab: (612) 624-2991
> University of Minnesota             Preferred FAX: (612) 624-8118
> 6-145 Jackson Hall, 321 Church St. SE    Dept Fax: (612) 626-5009
> Minneapolis, MN  55455                    e-mail: [hidden email]
>
> -----
> No virus found in this message.
> Checked by AVG - www.avg.com
> Version: 10.0.1391 / Virus Database: 1520/3824 - Release Date: 08/09/11
Free forum by Nabble Edit this page