[CentOS] an actual hacked machine, in a preserved state
Bennett Haselton
bennett at peacefire.org
Wed Jan 4 00:32:58 UTC 2012
On 1/3/2012 2:13 PM, Lamar Owen wrote:
> On Sunday, January 01, 2012 06:27:32 PM Bennett Haselton wrote:
>> (I have already practically worn out my keyboard explaining the math behind
>> why I think a 12-character alphanumeric password is secure enough :) )
> Also see:
> https://lwn.net/Articles/369703/
The focus of this article seems to be on systems with multiple users
where the admin can't necessarily trust all the users to make smart
decisions. I've already said that I can see why in that case it might
be desirable to require users to use ssh keys instead of passwords,
since you can't force users to use good passwords. My point was that if
you're the only user and you can make yourself use a 12-char password
with enough entropy, that's good enough.
Bennett
More information about the CentOS
mailing list