[aprssig] OT: GRC RE: Password authentication
Dave Baxter
Dave at emv.co.uk
Fri Jan 23 07:38:45 EST 2009
GRC also has an excelent netcast series "Security Now!" relating to PC
and Data security in general. Well worth a review/listen. Nearly 180
episodes now, all archived on that (and TWiT's) site.
Regards.
Dave G0WBX.
________________________________
From: Matt Murphy [mailto:matt.kc8bew at gmail.com]
Sent: 23 January 2009 04:56
To: aprssig at tapr.org
Subject: Re: [aprssig] Password authentication
Scott Miller wrote>
[for the unabridged version, see Scott's original post]
>Someone on the Tracker2 mailing list pointed out that the
scheme is
>architecturally identical to the Perfect Paper Passwords system
>(http://www.grc.com/ppp/design.htm), so if you're familiar with
that,
>this is pretty much the same thing. It's also similar to
S/KEY, but
>with some important differences.
>The scheme works like this: You pick a reasonably long and
>hard-to-guess pass phrase, and enter that at the T2's command
line.
>This gets converted to a 128-bit key and stored, and the
sequence
>counter is set to 0.
GRC has a good page for "Ultra High Security" passwords also.
It is https://www.grc.com/passwords.htm. Everytime the page refreshes
it displays a new set of three, 256 bit passwords. They will never be
diplayed again (at least not in our/kids/grandkids lifetime).
I like it Scott.
73,
Matt Murphy, kc8bew
Muskingum Co. ARES EC
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tapr.org/pipermail/aprssig_lists.tapr.org/attachments/20090123/5d4a9f48/attachment.html>
More information about the aprssig
mailing list