I am not Zen (drakemobius) wrote in suggestions,

Short, concise description of the idea
The password complexity system should be updated to standard

Full description of the idea
Password complexity should be rated on a weighting system, giving extra points to special characters, numerals, etcetera.
Thus you could have a sufficiently complex password EITHER with fewer special characters, or more standard characters. Weighting should also happen based on non-repetition or reversal of characters. Thus a twenty-three random character password would not constantly be noted as 'insecure'.

An ordered list of benefits
  • No false positives on 'insecure password' notices
  • Better determining of password use
  • Higher security (via encouraged secure passwords)

An ordered list of problems/issues involved
  • More complex password checking
  • Possible processing overhead
  • Time to implement

An organized list, or a few short paragraphs detailing suggestions for implementation
  • Algorithm mentioned is currently capable of being applied by current POSIX/UNIX PAM authentication
Tags: security, § rejected
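
A sketch of the weighted scoring the suggestion describes, as an added example that is not part of the original post or of any site's code. The weights, the threshold and all function names are assumptions, loosely modelled on the per-class credit idea used by PAM modules such as pam_cracklib.

```python
import string

# Assumed weights (not from the post): one point per character, plus up to
# MAX_CREDIT bonus points for each character class that is present.
MAX_CREDIT = 2
MIN_SCORE = 14  # assumed acceptance threshold
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def class_credits(pw):
    """Bonus points: one per character in each class, capped per class."""
    return sum(min(MAX_CREDIT, sum(c in cls for c in pw)) for cls in CLASSES)


def repeat_penalty(pw):
    """One point off for every character that repeats its predecessor."""
    return sum(a == b for a, b in zip(pw, pw[1:]))


def is_reversal(pw, previous=""):
    """True if pw is a palindrome or the previous password reversed."""
    folded = pw.lower()
    if folded == folded[::-1]:
        return True
    return bool(previous) and folded == previous.lower()[::-1]


def score(pw, previous=""):
    """Length plus class credits minus repetition; reversals score zero."""
    if is_reversal(pw, previous):
        return 0
    return len(pw) + class_credits(pw) - repeat_penalty(pw)


def is_acceptable(pw, previous=""):
    return score(pw, previous) >= MIN_SCORE


if __name__ == "__main__":
    # Constructed sample passwords, not taken from any real system.
    for sample in ("qhzmvktrwbxnplsdfgyjcue", "Tr0ub4d&r!", "password"):
        print(f"{sample!r}: score={score(sample)} ok={is_acceptable(sample)}")
```

Under these assumed weights a long single-class password and a shorter mixed-class one both pass, which is the trade-off the suggestion asks for.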
