On Thu, 18 Apr 1996, Jon Leonard wrote:
Ben Rothke writes:
The exception to this is when you may be overheard typing a password. The space bar sounds different, and an attacker who knows you've used a space has a significantly smaller search space.
So I usually recommend avoiding space, @, #, and control characters when generating passwords. Have I missed any or gotten too many?
Why would you want to avoid #, @, etc. ? I have a hard enough time getting lusers to choose non-dictionary passwords that they can *remember* - one technique is to teach sub-100 i.q. types to use two words, seperated by a #,@, etc., with a number tossed in: kill#pig1et, which isn't a dictionary word, but has a chance of being remembered without writing it on a sticky note and pasting it to the @#%&ing monitor. - r.w.