Password Aging
VINCE%UCONNVM.BITNET at mitvma.mit.edu
VINCE%UCONNVM.BITNET at mitvma.mit.edu
Fri Dec 30 03:35:12 AEST 1988
Barry Shein writes:
>We just did this, lessee, 100 character set, 8 chars, 100^8, assume
>10,000 encryptions per second is a good upper bound (we'll take a
>small fraction in a moment) and, lessee, I get 31,709 years, divide by
>100 (that's a small fraction, no?) I guess I age my password every 317
>years, oh, what the hell, once per century just to be safe.
But a 50 character set gives only 183 years, not 31,709, and if you really
use only lower case letters plus a bit (30 chars) your 31,709 years
becomes 2 years.
Acknowledge-To: <VINCE at UCONNVM>
More information about the Comp.unix.wizards
mailing list