not that i endorse keypad based passwords but i think if you done a=20
     lot of numeric data entry, you get to be very fast on the old 10 key=2E
     i have seen people do about 10 digs/sec in bursts=2E=2E=2E


______________________________ Reply Separator ____________________________=
_____
Subject: Re: Insecure Password?=20
Author:  MIME:hpeyerl@beer=2Eorg at INTERNETALFALAVAL
Date:    1998-07-10 13:25


Feico Dillema <dillema@acm=2Eorg>  wrote:
 > Summary: While I thought I typed four digits, I produced 8 control
characters=20
 > instead, leaving the rest of the password characters as insignificant=2E=
=20
 > =20
 > Opinion: I think this should be regarded as a security bug, although min=
or=2E=20
 > The usefulness of allowing control characters seems rather limited to me=
,
 > as these are often difficult to reproduce on different=20
 > systems/keyboards/configurations=2E I think the `passwd' command should=20
 > therefore not allow the use of control characters in password and give a=
n=20
 > error or at least a warning about it, as what the system actually does a=
nd=20
 > what the user thinks it does may be different=2E The other reason would=20=
be
that=20
 > such a password is rather weak, it has about the strength of a four digi=
t=20
 > password where an 8 digit is expected=2E
    =20
hmmm=2E are there issues for international keyboards here?
    =20
Besides, I've always thought that passwds typed on a numeric keypad were=20
especially vulnerable to shoulder-surfing anyway=2E=2E=2E
    =20
    =20
H=2E
    =20
    =20
    =20
--> Get your official NetBSD-1=2E3=2E2 CDROM set today! http://www=2Enetbsd=2E=
com <--
    =20
    =20