[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Spaces in passwords



>Ben Rothke writes:
>> Do spaces (ASCII 20) in passwords make them less secure?
>
>Of course not. In a normal Unix password, adding spaces to the
>password search space increases the search space, so it necessarily
>makes the search harder.

I used to recommend that passwords be a phrase of at least 15 characters. 
Spaces fall naturally into that model.  If your spelling is as bad as mine,
then your password is resistant to dictionary attacks.

However, then I discovered that there are many brain damaged systems which
restrict passwords to 8 characters.  (e.g. IBM's VM/ESA, Netcom's UNIX) 
For those systems, I can only parrot the conventional wisdom, no words,
include numbers and/or punctuation, no acronyms, include both upper and
lower case, etc. etc.


------------------------------------------------------------------------
Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
[email protected] | dead teenagers | Los Gatos, CA 95032, USA