greg hughes - dot - net
The contents of this site represent my own thoughts and opinions, not those of anyone else - like my employer - or even my dog for that matter. Besides, the dog would post things that make sense. I don't.
 Thursday, 14 October 2004
Jesper M. Johansson, Ph.D., ISSAP, CISSP is a Security Program Manager at Microsoft. The second part of his three-part article on the use of passwords vs. passphrases was recently published.
The Great Debates: Pass Phrases vs. Passwords
- Part One - coveres the fundamentals of passwords and pass phrases, how they are stored, and so on
- Part Two - discusses the relative strength of each type of password, and use some mathematical approaches for illustration
- Part Three - offers some conclusions and guidance on how to choose passwords and configure a password policy
In this installment, he looks at three arguments for the use of pass-phrases:
- Claim 1: Users Can Remember Pass Phrases
- Claim 2: Longer is Stronger
- Claim 3: Pass Phrases Can Have More Randomness
This is a great read, worth the time for anyone who works in the security field or in IT operations and security. I am looking forward to the third installment, as well. Jesper has a powerful way of cutting to the heart of the arguments and coming out the other end of the conversation with good facts in tow.
© Copyright 2006 Greg Hughes 
This work is licensed under a Creative Commons License.
 | This page was rendered at Wednesday, 25 October 2006 20:01:41 (Pacific Daylight Time, UTC-07:00)
newtelligence dasBlog 1.9.6276.0
|
"Computers used to take up entire buildings, now they just take up our entire lives."
- Unknown
"So how do you know what is the right path to choose to get the result that you desire? And the honest answer is this... You won't. And accepting that greatly eases the anxiety of your life experience."
Syndication [XML] and .net Alerts
For lazy, highly-technical or enlightened people, get this site's content without the use of a web browser. I use FeedDemon for this, but you can choose your own. Subscribe - click the icon for my feed... or sign up for Microsoft Alerts to receive updates through your MSN Messenger, e-mail, or mobile device. Click the orange button thingie to sign up with your Passport account: 
Contact
Drop me an email: Mobile Phone: 503-970-1753
Add me to MSN Messenger
Monthly Archive
| October, 2006 (23) |
| September, 2006 (18) |
| August, 2006 (21) |
| July, 2006 (34) |
| June, 2006 (25) |
| May, 2006 (21) |
| April, 2006 (20) |
| March, 2006 (17) |
| February, 2006 (35) |
| January, 2006 (30) |
| December, 2005 (25) |
| November, 2005 (39) |
| October, 2005 (38) |
| September, 2005 (51) |
| August, 2005 (33) |
| July, 2005 (21) |
| June, 2005 (35) |
| May, 2005 (56) |
| April, 2005 (54) |
| March, 2005 (62) |
| February, 2005 (28) |
| January, 2005 (61) |
| December, 2004 (78) |
| November, 2004 (58) |
| October, 2004 (55) |
| September, 2004 (64) |
| August, 2004 (53) |
| July, 2004 (65) |
| June, 2004 (50) |
| May, 2004 (49) |
| April, 2004 (26) |
| March, 2004 (20) |
| February, 2004 (26) |
| January, 2004 (28) |
| December, 2003 (12) |
| October, 2003 (8) |
| September, 2003 (11) |
| August, 2003 (1) |
On this page
Search and Translate this Site
Blog Posting Categories
Navigation Links
Blogroll
 Alex Scoble
Alex is a coworker who blogs about a variety of IT-related topics. |
Brent Strange
Brent is a cool dude, a coworker and a great QA guy. His blog is, appropriately, focused on QA and testing technology. |
Chris Brooks
Chris is my "dotted-line" boss at work and an avid board gamer. He always has some new info about top-notch board games you may have never heard of, so if you're into them, you should check out this blog. |
Chris Pirillo
Lockergnome by trade, Chris is always up to something new. If you are not familiar with the Lockergnome newsletters, be sure to check them out, too. |
Chris Pratley
One of the original OneNote guys, Chris works at Microsoft and is an interesting read |
Jim Blizzard
Jim works at Microsoft. He moved to Florida recently and left all us cool people behind, but that's okay, we forgive him. |
Matthew Lapworth
Matt's a coworker of mine and software developer. He seems to enjoy extreme sports. That's fine as long as he doesn't, like, die or something. |
Milind Pandit
Milind writes about all sorts of interesting stuff. He's worked at our employer longer than I have, which pretty much makes him old as dirt in company time. :) |
MSFT Security Bulletins [RSS]
RSS feed for all Microsoft security bulletins provides an always-up-to-date list of updates along with complete descriptions of each. |
neopoleon.com
Rory Blyth is one of the funniest and most thought-provoking bloggers I read. And I blame him for everything. Literally. |
Scobleizer
Robert Scoble, formerly of Microsoft and now at Podtech. |
Scott Hanselman
Scott's computerzen blog is a popular spot for all things .net and innovative. And I work with him. He's one of the smartest guys I know, and arguably the best technical presenter around. |
Sign In
Who Links Here
|