Mailinglist Archive: opensuse-security (145 mails)

< Previous Next >
Re: [suse-security] need a way to set more secure 8character passwords
  • From: "Carlos E. R." <robin1.listas@xxxxxxxxxx>
  • Date: Sun, 7 Nov 2004 03:14:20 +0100 (CET)
  • Message-id: <Pine.LNX.4.58.0411070305260.7239@xxxxxxxxxxxxxxxx>

The Friday 2004-11-05 at 21:15 -0500, jfweber@xxxxxxxxxxxxx wrote:

> Someone, apparently, hacked my email account at Bellsouth last week
> sometime... We of course have no idea how, since they (Bellsouth's
> alleged "Techs" ) spent all the timefrom the start, telling me it was



Probably someone has started doing dictionary attacks on mail addresses
scooped elsewere. :-/

> If anyone has a suggestion for making an 8 character password that is
> reasonably safe or hard to guess w/o being too hard for me to remember
> , I welcome such suggestions.

Good passwords are dificult to remember, used on only one account, and
changed periodically.

> Now that we finally have confirmation that Bellsouth was the culprit, I
> shall finish my transformation to all 9.2 boxes... hehehe

Not really the culprit... except by being so thickheaded not to accept the
fact of the break in. Measures could be stopping and detecting dictionary
attacks, ie, rejecting connecions from addresses repeatedly trying an
acount within an interval. And of course, not using plain password logins.

> Since they kept insisting it was not them but my computers that were
> causing the problems we stopped the installs.. to be certain .
> why is it that Windows admins refuse to accept they are the problem, or
> at least the problem is at their end??It shouldn't have taken over a
> week to ferret out the culprit. Anyone who looked at the accounts inbox

Not really windows admins, but any bad admin over there. Perhaps you did
not talk with admins, but with "call center" types.

Carlos Robinson

< Previous Next >
Follow Ups