Random password experiment

Brian Mearns bmearns at ieee.org
Tue Jun 23 15:44:04 CEST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey folks,

Sorry, this is off-topic, but I thought all the security folks who
lurk and participate on this list might be interested.

I'm doing a little investigation, and I could use some experimental
data. For those who would like to participate, I'd like you to
generate some random passwords and send them to me. I need 5
passwords per person, but you should generate them one at a time,
then wait at least an hour before generating the next, to keep them
pretty much independent. The passwords should be *random* strings of
characters that you just pull out of your head, no words or birthdays
or anything like that, just sit down and come up with a random
string that: a) you think makes a secure** random password, and b)
you think you could memorize within a few days or a week and use as
your main password (for instance, for logging in to your computer).

The only limitation is the passwords can only contain upper- and
lower- case letters, the digits 0-9, and the following punctuation
marks: a dot (.), and dash (-), and an underscore (_). It doesn't
have to contain all of those characters, of course, but that's your
working alphabet.

If you want to participate, please send the "passwords" to me by
email. You can feel free to encrypt them if you'd like, my key-id
is listed in the signature. I'm hoping to have some interesting
results to report in the next few weeks. (And no, I'm not going to
try to break into anyone's system, but you obviously shouldn't be
sending me passwords you actually use or will use anyway).

- -Brian

** - For whatever your definition of "secure" is.

- --
Feel free to contact me using PGP Encryption:
Key Id: 0x3AA70848
Available from: http://keys.gnupg.net

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)

iQEcBAEBAgAGBQJKQNv6AAoJEHOUulIkSI7c6F8H+gJdQsUBC2WOS/4QjXkXKgSm
WdmR7SfmAf5inLu4B0FQczvAqSjH7SWZaS3zeuAx626/+2OPf5DfMB1a2OdIac3n
jxboXvM93Vjj+aPk1zWUTzhZOJ5ThiivkKJqWNh1bF0sVq7Sr8WheteRya6vpx7G
sSQ3PuiEBOmfIWHHEyZVWHlEim/fmYLZEZ/3Ht0G1ZmTtVOj8vYBNQSwVGpcmVnn
+eS4N+NH1krdyE0g+V/5wxVFwjRiL9EF9j14pj+C5i/6+bAr0j4ZQezKXiGK5Vb8
IHu7d+C5JpG2HQ72UyHwnQkvm+iBD6JSfuCP0YUkwDzDvGNDuR4J+6flYj/CXsY=
=mfWD
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list