Gnupg-users Digest, Vol 91, Issue 30

[MFPA]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Tuesday 19 April 2011 at 8:17:36 PM, in
<mid:4DADDFD0.3020404 at charter.net>, Mike Acker wrote:


> if i delay responding to a bad password for 1 second
> the speed of your processor become irrelevant: you now
> need 1000 vm's to get to 1m tries/sec. and there's no
> real reason i wouldn't make it 10 sec after the 2d bad
> try, and then 30 min after the 3d -- like the Novell
> server used to do

I have nearly twenty different things to log onto at work, several of
which enforce frequent password changes. If your model was adopted
there, none of us would get anything done. To me, "because it would
wipe out productivity" is a real reason (in a corporate setting) to
not have a 30-minute wait after a third failed attempt.

- --
Best regards

MFPA                    mailto:expires2011 at ymail.com

Think for yourself.
Otherwise you have to believe what other people tell you.
-----BEGIN PGP SIGNATURE-----

iQE7BAEBCgClBQJNrfi6nhSAAAAAAEAAVXNpZ25pbmdfa2V5X0lEIHNpZ25pbmdf
a2V5X0ZpbmdlcnByaW50IEAgIE1hc3Rlcl9rZXlfRmluZ2VycHJpbnQgQThBOTBC
OEVBRDBDNkU2OSBCQTIzOUI0NjgxRjFFRjk1MThFNkJENDY0NDdFQ0EwMyBAIEJB
MjM5QjQ2ODFGMUVGOTUxOEU2QkQ0NjQ0N0VDQTAzAAoJEKipC46tDG5pDbMEAL2m
32yF+zM0PgdpTWDUD+HFNszbTW7/P5HBmDu5IgijzYwEd5OBpXdiNrOSeXApprIj
U6radFERj9+j6MEVJUcCClEVf0/R2C6TyDEvBjBmzXzKbVvYxbOVmO12s9BybmO+
S5+VmQjXojUiae85nHP7PQZOdYT5Bwucceygq84l
=biYS
-----END PGP SIGNATURE-----