Subject: Password demands revisited
To: None <netbsd-users@netbsd.org>
From: Vincent van Scherpenseel <mailinglists@vanscherpenseel.nl>
List: netbsd-users
Date: 02/24/2004 09:45:12
Hello,

There's been a little discussion about my first mailing about setting password 
demands, such as minimum password length and forcing a password with a 
combination of upper- and lowercase. There are three points being taken:


[1] Secure passwd
Some people say the passwd tool should be secured by implementing software 
like cracklib, which tests the user input against known dictionaries. This is 
a very nice way of achieving what we want, but it's some work, and it's 
conflicting with the standard passwd tool. What's possible however, is to 
secure passwd, and let that be the standard, as proposed by some.

[2] Write a frontend to passwd / alternative for passwd
Some people also advised to write a frontend to passwd, which receives the 
user input, tests if it matches certain criteria (minimum length, 
upper-/lowercase, etc) and if it's all okay, passes the input through to 
passwd. Or: the tool encrypts the password by itself, and writes it to the 
passwd file, going totally around passwd.

[3] Password generators
Others advise to write or use a password generator for users so they get a 
generated password. I'm not really positive about this, because we all know 
that when passwords are generated in the way we like it (aAaBbB123) the 
passwords aren't easy to remember, and thus users will write them down on 
post-it notes and stick them on their monitors. If you force a user to choose 
a 'hard' password, then there are several tricks to remember it. One of the 
best imho is the one suggested by Stefan Schumacher. To quote him:

> I suggest my users to generate a password by creating a sentence and
> taking the 1st letter of each word. sth. that way:
> 
>   I was born in Blankenburg in 1980. -> IwbiBi1980.
> 
> which is IMO a somewhat strong passwd and most users are able to
> remember at least their "pass-sentence"

I've been using this method for years now, and I find it very useful.


As I'm leaving for a holiday to Egypt this Thursday, I won't be able to take a 
deeper look at this within two weeks. However, when I'm back and no one has 
taken up this work yet, I will take a look at it, and let you know how it's 
going. If someone else decides to work on this, please let me know, I would 
be glad to help you where I can.

For now, perhaps someone has a new idea, or other thoughts about the three 
methods described here. Please let us know, so we can build a more secure 
system. I find it kind of odd that this isn't part of the default system, 
anno 2004, so it's time to fix this :)

 - Vincent van Scherpenseel
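As an added illustration of points [2] and [3] above (example code written for this page, not part of the original post or of NetBSD's passwd): a small policy check of the kind a passwd frontend would apply, plus the "pass-sentence" derivation from the quoted suggestion. The minimum length, the rule set and the tiny dictionary are assumptions standing in for a real cracklib word list.

```python
import re
from typing import List

# Constructed stand-in for a cracklib-style dictionary (assumption; a real
# deployment would load a full word list).
DICTIONARY = {"password", "netbsd", "secret", "welcome", "letmein"}

MIN_LENGTH = 8  # assumed site policy


def check_password(candidate: str, username: str = "") -> List[str]:
    """Return the list of policy violations; an empty list means the password passes."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not any(c.isupper() for c in candidate):
        problems.append("no uppercase letter")
    if not any(c.islower() for c in candidate):
        problems.append("no lowercase letter")
    if not any(c.isdigit() for c in candidate):
        problems.append("no digit")
    # Dictionary test in the spirit of cracklib: drop digits and punctuation,
    # compare case-insensitively, so "Password1" is still caught.
    core = re.sub(r"[^a-zA-Z]", "", candidate).lower()
    if core in DICTIONARY:
        problems.append("based on a dictionary word")
    if username and username.lower() in candidate.lower():
        problems.append("contains the user name")
    return problems


def pass_sentence(sentence: str) -> str:
    """Derive a password from a sentence as in the quoted suggestion:
    first letter of each word, numbers kept whole, punctuation kept."""
    out = []
    for word in sentence.split():
        core = word.rstrip(".,!?;:")
        tail = word[len(core):]
        out.append((core[0] if core.isalpha() else core) + tail)
    return "".join(out)


if __name__ == "__main__":
    pw = pass_sentence("I was born in Blankenburg in 1980.")
    print(pw, check_password(pw))                 # IwbiBi1980. []
    print(check_password("password1"))            # fails case and dictionary rules
```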