PASSWORD GUESSING
Kemp at DOCKMASTER.NCSC.MIL
Kemp at DOCKMASTER.NCSC.MIL
Mon Aug 21 10:28:32 AEST 1989
Chris Torek writes:
> I am a bit surprised that someone at NCSC would suggest this without
> at least a caveat.
Chris is absolutely correct here (as usual). One should not just take
any program for password generation (like you might find on a unix
archive) and blindly trust that it will actually generate good random
passwords. I was extrapolating from the Multics and VMS programs, which
presumably use decent algorithms and have been verified by computer
security experts.
I also did not include a very important disclaimer:
"Although this message was posted from a NCSC machine, it's contents do
not reflect the views of anyone but the author, who is not in any sense
an authority on computer security."
Dave Kemp <Kemp at dockmaster.ncsc.mil>
P.S. Several people have sent mail asking where password generating
programs might be found. I have no idea; just a vague memory of having
seen references to them.
More information about the Comp.unix.wizards
mailing list