[Coco] Tandy / Color Computer Forum Access

Steven Hirsch snhirsch at gmail.com
Fri Mar 25 16:38:03 EDT 2011

On Fri, 25 Mar 2011, gene heskett wrote:

> On Friday, March 25, 2011 02:19:38 PM Brian Blake did opine:
>> On Fri, Mar 25, 2011 at 2:01 PM, Wayne Campbell <asa.rand at gmail.com>
> wrote:
>>> Most of them do recommend periodic changes, but leave it up to the
>>> user.
>>> Wayne
>> That's what will end up happening. Though if there is ever an instance
>> where there's a security issue, it'll be required... No major biggie...
> The security issue is, as I see it, the short password.  A 6 character PW
> can be found by John the Ripper in just a few seconds.  My own minimum user
> password length is 9, and my root PW on this machine is, lets just say,
> more than 20.  Same for the admin password on dd-wrt.  John would have to
> work till the universe runs down to find those, as every character added
> adds to the factorial on the difficulty. To illustrate, a 6 char PW is
> 6!=720. 9!=362880. and 20!=2.43290200818e+18, a rather large number.
> You have to make it expensive enough to crack your password that they get
> bored and go looking for easier targets.

My employer mandates a "three strikes and it's locked" policy on 
authentication attempts.  Now that I think about it, most web accounts I 
own do that as well.  Renders brute-force cracking tools a bit 


More information about the Coco mailing list