[aprssig] OT: GRC RE: Password authentication

Dave Baxter Dave at emv.co.uk
Fri Jan 23 07:38:45 EST 2009

GRC also has an excelent netcast series "Security Now!" relating to PC
and Data security in general.   Well worth a review/listen.  Nearly 180
episodes now, all archived on that (and TWiT's) site.
Dave G0WBX.


	From: Matt Murphy [mailto:matt.kc8bew at gmail.com] 
	Sent: 23 January 2009 04:56
	To: aprssig at tapr.org
	Subject: Re: [aprssig] Password authentication

	Scott Miller wrote>
	[for the unabridged version, see Scott's original post]
	>Someone on the Tracker2 mailing list pointed out that the
scheme is
	>architecturally identical to the Perfect Paper Passwords system
	>(http://www.grc.com/ppp/design.htm), so if you're familiar with
	>this is pretty much the same thing.  It's also similar to
S/KEY, but
	>with some important differences.
	>The scheme works like this:  You pick a reasonably long and
	>hard-to-guess pass phrase, and enter that at the T2's command
	>This gets converted to a 128-bit key and stored, and the
	>counter is set to 0.
	GRC has a good page for "Ultra High Security" passwords also.
It is https://www.grc.com/passwords.htm.  Everytime the page refreshes
it displays a new set of three, 256 bit passwords.  They will never be
diplayed again (at least not in our/kids/grandkids lifetime).

	I like it Scott.
	Matt Murphy, kc8bew
	Muskingum Co. ARES EC

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tapr.org/pipermail/aprssig_lists.tapr.org/attachments/20090123/5d4a9f48/attachment.html>

More information about the aprssig mailing list