As a matter of interest, has anyone on the list tried running John the Ripper on their password file? I just tried mine, and was rather alarmed! I have 3 users, me, my partner, and root. All 3 have passwords which are non-dictionary words, all have a mix of upper and lower case letters, and 2 of the three have numbers in them. John the Ripper has been running for 48 hours or so on my aging PIII-500 box, and has so far broken 2 of them! I suspect the third won't take too much longer, and on a faster box would have succumbed a long time ago. I thought my passwords were actually quite good ones. Clearly not. Hmmm... -- "...our desktop is falling behind stability-wise and feature wise to KDE ...when I went to Mexico in December to the facility where we launched gnome, they had all switched to KDE3." - Miguel de Icaza, March 2003