[CentOS] Another Fedora decision
Les Mikesell
lesmikesell at gmail.com
Tue Feb 3 17:37:02 UTC 2015
On Tue, Feb 3, 2015 at 11:20 AM, Scott Robbins <scottro at nyc.rr.com> wrote:
>>
>> I don't think anybody is missing anything. "Palindrome" in this context
>> may not be limited to real words; the author may be suggesting that you
>> not pick your password by picking a real word and tacking on its
>> reverse to make a palindrome, e.g., "password1drowssap".
>>
>
> Ah, that makes sense then, thanks.
I think the intent is: "Don't use a password likely to be included in
the list that an attacker would try". Of course if services would
rate-limit the failures by default or at least warn you about repeated
failures and their source, brute-force attacks would rarely succeed.
But fixing the problem doesn't seem to be the point here.
--
Les Mikesell
lesmikesell at gmail.com
More information about the CentOS
mailing list