Order Tray | Contact Us | Home | SIG Lists

[aprssig] OT: GRC RE: Password authentication

Dave Baxter Dave at emv.co.uk
Fri Jan 23 12:38:45 UTC 2009


GRC also has an excelent netcast series "Security Now!" relating to PC
and Data security in general.   Well worth a review/listen.  Nearly 180
episodes now, all archived on that (and TWiT's) site.
 
Regards.
 
Dave G0WBX.
 


________________________________

	From: Matt Murphy [mailto:matt.kc8bew at gmail.com] 
	Sent: 23 January 2009 04:56
	To: aprssig at tapr.org
	Subject: Re: [aprssig] Password authentication
	
	

	Scott Miller wrote>
	[for the unabridged version, see Scott's original post]
	
	>Someone on the Tracker2 mailing list pointed out that the
scheme is
	>architecturally identical to the Perfect Paper Passwords system
	>(http://www.grc.com/ppp/design.htm), so if you're familiar with
that,
	>this is pretty much the same thing.  It's also similar to
S/KEY, but
	>with some important differences.
	
	>The scheme works like this:  You pick a reasonably long and
	>hard-to-guess pass phrase, and enter that at the T2's command
line.
	>This gets converted to a 128-bit key and stored, and the
sequence
	>counter is set to 0.
	
	GRC has a good page for "Ultra High Security" passwords also.
It is https://www.grc.com/passwords.htm.  Everytime the page refreshes
it displays a new set of three, 256 bit passwords.  They will never be
diplayed again (at least not in our/kids/grandkids lifetime).
	

	I like it Scott.
	
	73,
	Matt Murphy, kc8bew
	Muskingum Co. ARES EC
	

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.tapr.org/pipermail/aprssig/attachments/20090123/5d4a9f48/attachment.htm 


More information about the aprssig mailing list