1. says

    This isn’t a new discussion. In his 1989 book “The Cuckoo’s Egg”, Clifford Stoll talked about password vulnerability and gave his ideas on them. He suggests using multiple short words and numbers that are unrelated (e.g. pig1912tree). It’s easy to remember but hard to guess. If crackers (*) have ever broken into any of my accounts, they have left no trace of it. I’ve never seen an obvious intrusion.

    Passphrases are as predictable and vulnerable as passwords. Crackers break in because people use easy to guess passwords, there are lists of the most common ones. Lists of common phrases are easy to compile, and people are already doing it (e.g. “Shall we play a game”, “Open sesame”) -- using common phrases as passwords, and using them to break in.

    (* In traditional parlance, a hacker builds code or finds solutions to problems. A cracker invades systems without permission, which is what we’re talking about.)

Leave a Reply

Your email address will not be published. Required fields are marked *