> The issue is similar to that of using passwords of more than > 10 characters composed of random mixed-case alphanumeric > characters (ideally with special characters mixed in). Yes - > they are provably more secure in a technical sense than > virtually any easily remembered system. > However *real people* have to use the passwords. And they > will put the damn things on taped notes on the bottom of > their laptop if you make them too hard (not conjectural - > I've caught people here doing exactly that). My solution is to use complex passwords, and write them down wrong, making my write-down a password hint, but not a password. My task is to remember what is my transform from hint to fact: (examples follow, choose your own) 1: Spell the 2 words in the password in English, but In the password use g33kp3ak on one of the words and alternating case on the other. 2: The numbers and shifted-numbers (e.g. 2 and @ on my US keyboard) in the password are swapped from the hint: the '@' in the hint is a 2 in password ... Or are they NOT case-shifted but instead position-shifted one to the right or left? Once I have a simple transform memorized, written password hints aren't much use to the on-site attacker who has access to my machine. Word-for-word transforms within context are also possible The hint of 1red9football;; becomes !ReD8f00tb411:: I think this meets the 'memorizable' need and strength-of-password need. This is only vaguely a CentOS issue. More to the CentOS point, IPv4 still words, so behind-the-firewall networks can still use it with utter abandon. Mapping internal IPv4 addresses to publicly-visible IPv6 addresses is a routing issue. How good is Linux/RH/CentOS with V6-to-V4-and-back address-type mapping? ******************************************************************* This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept for the presence of computer viruses. www.Hubbell.com - Hubbell Incorporated** _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos