LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Security page

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Quotes of the week

[Posted August 10, 2011 by corbet]

[Through 20 years of effort, we've successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess.
-- xkcd

Hint to distributions and software developers: if you're going to use libavcodec (or libavformat, etc.) for your project, consider restricting the default build to include only *commonly* used codecs and demuxers. The code quality of many of the more obscure formats is questionable at best.
-- Dan Rosenberg
(Log in to post comments)

Quotes of the week

Posted Aug 11, 2011 6:50 UTC (Thu) by mbar (subscriber, #73813) [Link]

xkcd: best security quote ever.

Quotes of the week

Posted Aug 11, 2011 8:46 UTC (Thu) by etienne (subscriber, #25256) [Link]

xkcd: and look at these other-OS password checker which refuses a space in a password because then it is not a word...

Quotes of the week

Posted Aug 11, 2011 13:06 UTC (Thu) by Cyberax (✭ supporter ✭, #52523) [Link]

Not really a problem, just use underscores of dashes instead of spaces. Length limitations are much more annoying, though.

/me happily uses keyphrases instead of passwords since 1995.

Quotes of the week

Posted Aug 13, 2011 2:31 UTC (Sat) by elanthis (guest, #6227) [Link]

Or just don't use separators at all. Separators help to read sentences, not to write them, and you can't read the password anyway. :)

The problem is all the stupid-ass sites and software that puts a maximum length limit on your password despite the fact that the entirety of it is just thrown away during the hash step anyway (or at least you hope to $deity that it's being thrown away).

Quotes of the week

Posted Aug 13, 2011 20:15 UTC (Sat) by alecs1 (guest, #46699) [Link]

Oh, yeah, password length limitation is one of the most annoying things ever, and one of the few I actually wrote e-mails to editors. And it bit me many times, I use this shit system the xkcd describes and get often into trouble.

Quotes of the week

Posted Aug 11, 2011 17:08 UTC (Thu) by jengelh (subscriber, #33263) [Link]

I predict that "correct horse battery staple" will become a statistically significant password (<a href="http://ask.yahoo.com/20041022.html">like these</a>).

Or maybe not; Yahoo does not allow the human race to be smarter than remembering 9 bits anyway. :)

Quotes of the week

Posted Aug 16, 2011 16:57 UTC (Tue) by mgedmin (subscriber, #34497) [Link]

I'm missing the obligatory link to Diceware, so here it is.

Copyright © 2011, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds