[Homeroast] Email security ideas

Allon Stern allon at radioactive.org
Tue Mar 23 14:23:59 CDT 2010


On Mar 23, 2010, at 3:16 PM, Jim Carter wrote:
> I guess it comes down to a question of whether or not the juice is worth the squeeze. How hard will somebody try to guess/crack your password? How much effort are you willing to expend to thwart their efforts?

exactly.
rubber hose cryptanalysis, anyone?

Hm, wonder what happened to my earlier post on lava lamp entropy...ah well.

The point is not to make passwords uncrackable. There is no such thing when you have infinite time.

It's making them unguessable, and strong enough that a brute force attack would be prohibitive, especially given the return on that investment in time. It just isn't worth it to find my Sweet Marias password, for example.

Geez, how many security professionals DO we have on list? :)
-
allon


More information about the Homeroast mailing list