Authentication on the Internet (bogus emails looking for money)
Lloyd Kvam
lkvam at venix.com
Tue Apr 27 17:26:04 EDT 2010
On Tue, 2010-04-27 at 16:22 -0400, Benjamin Scott wrote:
> If you're still using a passWORD on today's Internet, you're already
> in a very high risk category. Using an English word for a password is
> supposed to be roughly equivalent to using "12 bit encryption" or
> something like that.
>
> I recommend complex passphrases, minimum 15 characters in length,
> containing a mixture of upper- and lower-case letters, digits, spaces,
> and punctuation.
Has anyone here tried to use certificates or public-keys to control
access? The software is available to generate keys and certificates.
Do you think it is hopeless trying to educate users to import a
certificate and protect it with a pass phrase?
(I'll be operating a web site with an anticipated load of hundreds to
low thousands of user accounts. I've been wondering about imposing
certificates on the account holders.)
--
Lloyd Kvam
Venix Corp.
1 Court Street, Suite 378
Lebanon, NH 03766-1358
voice: 603-653-8139
fax: 320-210-3409
More information about the gnhlug-discuss
mailing list