From: Rabid Wombat <>
Date: Fri, 8 Mar 1996 11:24:00 -0500 (EST)
Subject: Re: Password generating program

I heard about a U.S. Air Force site that forced a password generating
program on its users. It generated passwords that weren't
pronounceable, either.

The security audit team that went through found their way in to about
80% of the systems by looking at the passwords written on sticky
notes, etc.  in the immediate vicinity of the user's

IMHO, it is better to teach users to use secure passwords, and check
for non-secure ones. Anybody have a way of doing this when the
password is generated, rather than running CRACK every now and then?

- ----------------------------------------
Rabid Wombat
- ----------------------------------------


Dave Dittrich <>
Last modified: Wed Jun 19 09:19:21 1996