More grist for the "long passwords" mill

For a long time, i’ve told my clients and friends that the best way to make a password is to write a short sentence or phrase. A recent study linked from Slashdot IT reinforces this. The executive summary: if you make your password 13 or more characters long, as long as it’s not a single dictionary word, it’s likely to be pretty safe from anyone who’s got less than US$10 million to spend on the problem, assuming current market prices for cloud computing CPU time.

Without going through all of my previous advice, the simple rule for passwords is: think of something you relate to your password, or just something that you think about a lot, and then write a complete phrase or sentence about it. Of course, none of this will save you from a wrench password attack.


Interesting article about generational differences from an IT security perspective

CSO Online has a really interesting article about generational differences from the perspective of IT security. While i’m sure it’s not highly accurate from a sociological perspective and is probably guilty of overgeneralising, it still offers some food for thought that might be applicable to more areas than IT security. (As is usual with CSO Online, to get a readable version, use the printer-friendly option.)


More on living Microsoft free!

IT Toolbox has a great little summary of the experiences of Mike Kavis, a guy who’s been living Microsoft free in an all Microsoft shop – at work! It all started from an “eat your own dog food” challenge (something i did with my wife which finally precipitated the switch to Linux on her part). Check out his other articles in the series:

Kavis also links to a nice little article about what happens when you switch to Linux (specifically Ubuntu).