[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[comp.security.unix] Advice on password security guidelines



I found this on alt.humor.best-of.usenet.  It seemed like something that
would be appreciated here.  (And it is not that far off topic.)

Enjoy!

-----------------------------------------------------------

In alt.humor.best-of-usenet, Artur Pioro <[email protected]>
wrote:

>From: Paul Ashton <[email protected]>
>Newsgroups: comp.security.unix
>Subject: Advice on password security guidelines

>Hi,
>my boss has asked me for comments and improvements on his new password
>security policy. To me, it seems a bit severe. If anyone can offer any
>additional suggestions please do, here goes...

>For immediate issue:
>Password changing guidelines V2.2b

>Due to new security policies, the following guidelines have
>been issued to assist in choosing new passwords. Please follow
>them closely.

>Passwords must conform to at least 21 of the following attributes.

>1.  Minimum length 8 characters
>2.  Not in any dictionary.
>3.  No word or phrase bearing any connection to the holder.
>4.  Containing no characters in the ASCII character set.
>5.  No characters typeable on a Sun type 5 keyboard
>6.  No subset of one character or more must have appeared on
>    Usenet news, /dev/mem, rand(3), or the King James bible (version 0.1alpha)
>7.  Must be quantum theoretically secure, i.e. must automatically change
>    if observed (to protect against net sniffing).
>8.  Binary representation must not contain any of the sequences 00 01 10 11,
>    commonly known about in hacker circles.
>9.  Be provably different from all other passwords on the internet.
>10. Not be representable in any human language or written script.
>11. Colour passwords must use a minimum 32 bit pallette.
>12. Changed prior to every use.
>13. Resistant to revelation under threat of physical violence.
>14. Contain tissue samples of at least 3 vital organs.
>15. Incontravertible by OJ Simpsons lawyers.
>16. Undecodable by virtue of application of 0 way hash function.
>17. Odourless, silent, invisible, tasteless, weightless, shapeless, lacking
>    form and inert.
>18. Contain non-linear random S-boxes (without a backdoor).
>19. Self-escrowable to enable authorities to capture kiddie-porn people
>    and baddies but not the goodies ("but we'll only decode it with a
>    court order, honest").
>20. Not decryptable by exhaustive application of possible one time pads.

>Due to the severity of the restrictions, if the password is entered
>incorrectly 3 times at login time, you will be asked if you would like to
>pick a new one.

>Please add guidelines to the above and adjust the minimum conformation
>requirement, if applicable.

>--
>Moderators accept or reject articles based solely on the criteria posted
>in the Frequently Asked Questions. Article content is the responsibility
>of the submittor.  Submit articles to [email protected]. To write 
>to the moderators, send mail to [email protected]. 



|         Spam is the Devil's toothpaste!         | [email protected]   |
|"It's only half a keyserver. I had to split the  | Disclaimer:          |
|other half with the government man." - Black Art | Ignore the man       |
|   -- PGP 2.6.2 key available on request --      |  behind the keyboard.|
|         http://www.teleport.com/~alano          |       <fnord>        |