Ben Laurie (ben@algroup.co.uk)
Mon, 04 Jan 1999 16:46:58 +0000
Adam Shostack wrote:
>
> On Sun, Jan 03, 1999 at 06:45:41PM +0000, Ben Laurie wrote:
> | Anonymous wrote:
> | > We went over all this already on one of the crypto lists. Elliptic curve
> | > has no advantage in this regard. Using any of these methods will probably
> | > significantly weaken your key, unless you have a much stronger passphrase
> | > than most people use.
> |
> | How do you know the strength of most people's passphrases?
>
> There is a substantial body of research over the last 20 (or
> more) years, showing consistently that most people will, given the
> chance, select their password from a very small, and easily searched
> space. There is no reason to believe that changing the word
> 'password' to 'passphrase' will suddenly shift people's behavior.
Hmmm ... well, it changed mine!
Cheers,
Ben.
-- http://www.apache-ssl.org/ben.html"My grandfather once told me that there are two kinds of people: those who work and those who take the credit. He told me to try to be in the first group; there was less competition there." - Indira Ghandi
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:18:01