[net.unix-wizards] Obvious password detector / eliminator

jbn@wdl1.UUCP (John B. Nagle) (04/19/84)

     I have posted a small subroutine to net.sources which is intended for use
in passwd(I) to prevent users from picking easily guessable passwords.
This subroutine will prevent the use of any word in the Unix dictionary as
a password yet requires no files to make this test.  It also prevents the
use of numeric strings, repeated letters, and various other common sequences.
Yet any random string of eight characters has a 95% chance of being an
acceptable password.
     There is no Bell code in this routine and it has been tested on machines
with 16, 32, and 36 bit words, and works without change on all of them.

					John Nagle

henry@utzoo.UUCP (Henry Spencer) (04/22/84)

There is a disadvantage to this routine.  My personal guess would be
that it will exclude almost any pronounceable word, even if it's a
nonsense word.  Why is this significant?  Because pronounceable words
are much easier to remember than arbitrary sequences of gibberish.
Well, you ask, why is *this* significant?  Because if a user can't
remember his password, he will write it down, and that's just what we
don't want.

It is true that requiring a password to be pronounceable reduces its
information content, making brute-force password searching easier, but
the benefits are usually considered worth the cost.  Password holders
are human; nothing short of military discipline (*good* military
discipline) will keep them from writing down something they find hard
to remember.
-- 
				Henry Spencer @ U of Toronto Zoology
				{allegra,ihnp4,linus,decvax}!utzoo!henry

steve@BRL-BMD.ARPA (05/04/84)

From:      Stephen Wolff <steve@BRL-BMD.ARPA>

Hear, hear!  Let's hear it for concatenated nonsense syllables - or even
non-nonsense syllables; 3 x (3 consonants + 1 vowel), say, and then assume
only 1% of those are - for whatever reason - usable.

	    We use auto-disconnect after three unsuccessful login
	    attempts, so that 6 tries per minute is a generous
	    figure for dial-ups or telnets, even if automated.
	    And we check the bad-login-attempts files every day.

We feel the arithmetic odds against a break-in before detection are tolerable.
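The arithmetic Wolff alludes to, worked through as an added example that is not code from the thread: the search space and entropy of his three-syllable scheme versus a random eight-character password, the time an online guesser throttled to 6 tries/minute would need to exhaust each, and a rough stand-in for the categories Nagle says his routine rejects. It assumes a 94-symbol printable-ASCII alphabet for the random case and reads Wolff's "3 x (3 consonants + 1 vowel)" as three concatenated CCCV syllables; the `looks_guessable` check is an illustration of his listed categories, not Nagle's routine, which is not on this page.

```python
import math

CONSONANTS = 21            # the 26 letters minus a, e, i, o, u
VOWELS = 5
TRIES_PER_MINUTE = 6       # Wolff: three failures then auto-disconnect
MINUTES_PER_YEAR = 365 * 24 * 60


def syllable_space(syllables=3, consonants_per=3, vowels_per=1, usable=0.01):
    """Search space for Wolff's scheme: `syllables` concatenated units of
    `consonants_per` consonants and `vowels_per` vowel, keeping only the
    `usable` fraction (his assumed 1%)."""
    per_syllable = CONSONANTS ** consonants_per * VOWELS ** vowels_per
    return int(per_syllable ** syllables * usable)


def random_space(length=8, alphabet=94):
    """Search space for a random string over printable ASCII (94 symbols,
    an assumption), the kind Nagle's filter accepts 95% of the time."""
    return alphabet ** length


def entropy_bits(space):
    """Bits of entropy for a password chosen uniformly from `space`."""
    return math.log2(space)


def years_to_exhaust(space, tries_per_minute=TRIES_PER_MINUTE):
    """Years an online guesser throttled to `tries_per_minute` needs to
    try every password in `space` (the worst case for the guesser)."""
    return space / tries_per_minute / MINUTES_PER_YEAR


def looks_guessable(pw):
    """Stand-in for the categories Nagle lists (not his routine): numeric
    strings, a letter repeated three or more times, simple sequences."""
    if pw.isdigit():
        return True
    if any(pw[i] == pw[i + 1] == pw[i + 2] for i in range(len(pw) - 2)):
        return True
    steps = {ord(b) - ord(a) for a, b in zip(pw, pw[1:])}
    return steps <= {1} or steps <= {-1}    # abcdefgh, 87654321, ...


if __name__ == "__main__":
    wolff, rnd = syllable_space(), random_space()
    print(f"Wolff syllables: {entropy_bits(wolff):.1f} bits, "
          f"{years_to_exhaust(wolff):,.0f} years to exhaust at 6/min")
    print(f"random 8 chars:  {entropy_bits(rnd):.1f} bits, "
          f"{years_to_exhaust(rnd):,.0f} years to exhaust at 6/min")
```

The gap between the two entropy figures is the cost Spencer concedes; the years figure is the benefit Wolff's throttling buys against online guessing only, since an offline attack on a stolen password file is not rate-limited.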