[Cryptography] The Laws (was the principles) of secure information systems design

Kent Borg kentborg at borg.org
Wed Jul 13 20:04:17 EDT 2016


Quite entertaining, if completely cynical, list.

However...

On 07/13/2016 06:16 PM, Ray Dillinger wrote:
> "Password" -- If a human can remember it a computer can guess it. 

Only if the computer doing the guessing can quickly validate all those 
combinations.

Doesn't sound lie a password. I think you mean an encryption key 
passphrase. (Or a password on a system that is so insecure that your 
password isn't the weak link.)


Passwords and encryption keys are different.

-kb



More information about the cryptography mailing list