SSLUG-msg00009.html

[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]

[an error occurred while processing this directive] [an error occurred while processing this directive]

	Home		Subscribe		Mail Archive		Forum		Calendar		Search
	Date:				Thread:

Re: [MISC] Gentagelse af password med ****. Er det et sikkerhedshul?

To: sslug@sslug
Subject: Re: [MISC] Gentagelse af password med ****. Er det et sikkerhedshul?
From: Kim Schulz <sslug@sslug>
Date: Thu, 5 Apr 2007 23:39:40 +0200
References: <ev3gfe$n2h$1@www.sslug.dk> <ev3mc2$2lu$1@shrek.krogh.cc>

On Thu, 5 Apr 2007 20:32:02 +0000 (UTC)
Jesper Krogh <sslug@sslug> wrote:

> I sslug.misc, skrev Jørgen Heesche:
> >  Hej.
> >    Ved indtastning af password bliver det normalt gentaget med
> > asterikser (****).
> >  Der er nogen, som påstår, at den metode er et sikkerhedshul, og at
> > det kun er defekte distroer, der benytter metoden.
> >  Hvad skal man mene om den påstand?.
> 
> Påstanden er ok.. det er en klar svækkelse at du ved hvor langt
> passworded er.. Omvendt så er det nok ikke en svækkelse der har
> signifikant betydning.


flere sikkerhedsrelaterede programmer gør netop noget ved dette, ved at
indsætte et variabelt antal * pr tastning. I PGP disk er det muligt at
slå helt fra at den viser hvor meget der er tastet ind. Man har valget
mellem "ingen visning" eller at den indsætter variabelt antal mellemrum
pr tastning (der sættes ikke *). 
-- 
    Kim Schulz       | Blog: http://www.schulz.dk/
Email: sslug@sslug | Work: http://www.devteam.dk/
Phone: +45 5190 4262 | Fun : http://www.chilifan.dk/

References:
- Gentagelse af password med ****. Er det et sikkerhedshul?
  - From: Jørgen Heesche
- Re: [MISC] Gentagelse af password med ****. Er det et sikkerhedshul?
  - From: Jesper Krogh

Prev by Date: Re: [MISC] Gentagelse af password med ****. Er det et sikkerhedshul?
Next by Date: Debian 4.0 frigivet, Martin Møller Pedersen
Previous by Thread: Re: [MISC] Gentagelse af password med ****. Er det et sikkerhedshul?
Next by Thread: Debian 4.0 frigivet
Index(es)
- Date Index
- Thread Index

Home

Subscribe

Mail Archive

Index

Calendar

Search

Questions about the web-pages to <www_admin>.

Last modified 2007-05-01, 02:01 CEST [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *