[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: add --rand xxxxxxxx

Understandable.  I have not asked for any changes.  It would be  
awkward for us to propagate the password back to a real person when  
we might use it.

The main time I might use it myself is to create cross-realm  
principals with non-Heimdal KDCs.  In that case I'd want at least 128  
bits of entropy, and 256 bits if AES-256 was supported.  Really,  
really unpleasant to deal with by real humans.  ;-)

I wrote a stand-alone program that filters /dev/random for printable  
characters as my solution.

On May 31, 2007, at 1:06 AM, Johan Danielsson wrote:

>> I wish it invented longer passwords, so I don't use it myself.
> I suppose there could be an option for that, but the idea is that the
> passwords should be possible to remember, and making them much
> longer would make it a lot harder.
> I think the current scheme gives about 55 bits of entropy.
> /Johan

The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu