[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

Re: [MISC] Gentagelse af password med ****. Er det et sikkerhedshul?



On Thu, 5 Apr 2007 20:32:02 +0000 (UTC)
Jesper Krogh <sslug@sslug> wrote:

> I sslug.misc, skrev Jørgen Heesche:
> >  Hej.
> >    Ved indtastning af password bliver det normalt gentaget med
> > asterikser (****).
> >  Der er nogen, som påstår, at den metode er et sikkerhedshul, og at
> > det kun er defekte distroer, der benytter metoden.
> >  Hvad skal man mene om den påstand?.
> 
> Påstanden er ok.. det er en klar svækkelse at du ved hvor langt
> passworded er.. Omvendt så er det nok ikke en svækkelse der har
> signifikant betydning.


flere sikkerhedsrelaterede programmer gør netop noget ved dette, ved at
indsætte et variabelt antal * pr tastning. I PGP disk er det muligt at
slå helt fra at den viser hvor meget der er tastet ind. Man har valget
mellem "ingen visning" eller at den indsætter variabelt antal mellemrum
pr tastning (der sættes ikke *). 
-- 
    Kim Schulz       | Blog: http://www.schulz.dk/
Email: sslug@sslug | Work: http://www.devteam.dk/
Phone: +45 5190 4262 | Fun : http://www.chilifan.dk/


 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2007-05-01, 02:01 CEST [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *