Using Passwords? Switch to Pass-phrases, Instead.
Posted by Clark Venable on 2/13/2005Slashdot points to a very interesting blog entry by a Microsoft engineer in which he makes it perfectly clear how single passwords are not secure any longer:
" So with all of these highly successful, highly effective attacks on passwords (dictionary attacks, brute-force attacks, pre-computation attacks) I've come to the conclusion that there is simply too much risk associated with passwords and that users of Windows should simply stop using them to avoid this risk. "
Instead, he recommends pass-phrases:
" Pass-phrase LENGTH, not complexity defeats these attacks. Short, but complex passwords should be shunned as they are not truly secure anymore and you are deceiving yourself if you think they are. Long pass-phrases (14 characters or more) are the future (along with 2-factor or more authN, but that's another blog for another day) and are the only way to go if you want to ensure that you won't get hacked via any type of password based attack of any kind. "
This post has 0 replies
See full thread