Thursday, 14 October 2004

Jesper M. Johansson, Ph.D., ISSAP, CISSP is a Security Program Manager at Microsoft. The second part of his three-part article on the use of passwords vs. passphrases was recently published.

The Great Debates: Pass Phrases vs. Passwords

  • Part One - coveres the fundamentals of passwords and pass phrases, how they are stored, and so on
  • Part Two - discusses the relative strength of each type of password, and use some mathematical approaches for illustration
  • Part Three - offers some conclusions and guidance on how to choose passwords and configure a password policy

In this installment, he looks at three arguments for the use of pass-phrases:

  • Claim 1: Users Can Remember Pass Phrases
  • Claim 2: Longer is Stronger
  • Claim 3: Pass Phrases Can Have More Randomness

This is a great read, worth the time for anyone who works in the security field or in IT operations and security. I am looking forward to the third installment, as well. Jesper has a powerful way of cutting to the heart of the arguments and coming out the other end of the conversation with good facts in tow.



Add/Read: Comments [1]
IT Security | Tech
Thursday, 14 October 2004 12:56:49 (Pacific Standard Time, UTC-08:00)
#  Trackback

Referred by:
http://search.daum.net/ [Referral]