Date: Tue, 17 Jan 2012 21:58:25 +0200 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com Subject: Re: Re: pwgen: non-uniform distribution of passwords On Tue, Jan 17, 2012 at 11:51:31PM +0400, Solar Designer wrote: > It was just pointed out to me off-list that the man page for pwgen > specifically mentions that this kind of passwords "should not be used in > places where the password could be attacked via an off-line brute-force > attack." I had missed that detail or at least I did not recall it. > > This kind of documentation certainly mitigates the problem to some extent. I'll bet most of the end-users will also miss this if you did. - Henri Salo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ