9fans - fans of the OS Plan 9 from Bell Labs
From: erik quanstrom <quanstro@quanstro.net>
To: 9fans@9fans.net
Subject: Re: [9fans] p9 file server (npfs) w/ authentication from
Date: Mon, 26 Jan 2009 16:28:22 -0500
Message-ID: <b41adceb1542cbbf3776d415520f84fe@quanstro.net>
In-Reply-To: <f6dbf1d2060a55843d60f5a5410c39a6@terzarima.net>

>>Even more off topic - why do people think regular password expiry improves
>>system security (as opposed to enforcing a password complexity constraint)?
>
> i think the UNIX security paper discussed that.
> (F. Grampp and R. Morris, "UNIX Operating System Security", BSTJ, Vol. 62, No. 8, 1984)

still a ppv (springer) article.  so without the benefit of reading
it ....

maybe the choice is false.

if you use the same password for 12 months or 12
passwords for one month, then your 12-month password
needs to be 12 times harder to crack, assuming you're
defending against the same assumed attack rate.

okay, maybe you're using something with 160 random
bits.  no way to crack that (play along, please), but
the 160 bits might be leaked.  in that case you need to
be 12x more careful with a 1 month password than a 12
month password, assuming that one is equally likely to
leak one's password on any given day.

otoh, the chance of recovering encrypted backups is
inversely proportional to the number of passwords you've
used. :-)

- erik



