Passwords...

The Loony Bin ( loonies@bloodaxe.demon.co.uk )
Mon, 30 Sep 1996 16:58:35 +0100


Hiya All...

Some advice on choosing passwords...

Wishes & Dreams...

- ANDREA
        xx

*************<andrea@bloodaxe.demon.co.uk>*************
*****<ajc6@ukc.ac.uk>*****<bloodaxe@geocities.com>*****
***                                                 ***
***                 THE LOONY BIN                   ***
***           loonies@bloodaxe.demon.co.uk          ***
*** Archive: http://eleceng.ukc.ac.uk/~pjw/loonies/ ***
***                                                 ***
*******************Internet Goddess********************
**********************ANDROMEDA************************

  ------- Forwarded foolishness follows -------

Hi,
My boss has asked me for comments and improvements on his new password
security policy. To me, it seems a bit severe. If anyone can offer any
additional suggestions please do, here goes...

For immediate issue:
Password changing guidelines V2.2b

Due to new security policies, the following guidelines have been issued
to assist in choosing new passwords. Please follow them closely.

Passwords must conform to at least 21 of the following attributes.

1.  Minimum length 8 characters
2.  Not in any dictionary.
3.  No word or phrase bearing any connection to the holder.
4.  Containing no characters in the ASCII character set.
5.  No characters typeable on a Sun type 5 keyboard
6.  No subset of one character or more must have appeared on Usenet 
    news, /dev/mem, rand(3), or the King James bible (version 0.1alpha)
7.  Must be quantum theoretically secure, i.e. must automatically change
    if observed (to protect against net sniffing).
8.  Binary representation must not contain any of the sequences 00 01 10 
    11, commonly known about in hacker circles.
9.  Be provably different from all other passwords on the internet.
10. Not be representable in any human language or written script.
11. Colour passwords must use a minimum 32 bit palette.
12. Changed prior to every use.
13. Resistant to revelation under threat of physical violence.
14. Contain tissue samples of at least 3 vital organs.
15. Incontrovertible by OJ Simpson's lawyers.
16. Undecodable by virtue of application of 0 way hash function.
17. Odourless, silent, invisible, tasteless, weightless, shapeless, 
    lacking form and inert.
18. Contain non-linear random S-boxes (without a backdoor).
19. Self-escrowable to enable authorities to capture kiddie-porn people
    and baddies but not the goodies ("but we'll only decode it with a
    court order, honest").
20. Not decryptable by exhaustive application of possible one time pads.

Due to the severity of the restrictions, if the password is entered
incorrectly 3 times at login time, you will be asked if you would like
to pick a new one.

Please add guidelines to the above and adjust the minimum conformation
requirement, if applicable.

MidSeaBank PLC, London, UK +44 555 7727
MidSeaBank confidential - not to be distributed to baddies.