[148575] in cryptography@c2.net mail archive

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [Cryptography] Why don't we protect passwords properly?

daemon@ATHENA.MIT.EDU (Peter Gutmann)
Sun Dec 22 16:11:28 2013

X-Original-To: cryptography@metzdowd.com
Date: Sun, 22 Dec 2013 21:45:47 +1300
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: cryptography@patrickmylund.com, waywardgeek@gmail.com
In-Reply-To: <CAOLP8p7LFthi=ABTQMWgh=jkNwta6Hui0d_+JQBgM5iPpgg-=g@mail.gmail.com>
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

Bill Cox <waywardgeek@gmail.com> writes:

>Why is the current flawed system used?  I just don't understand it.

It's pretty simple really.  Everyone knows that passwords are no good, so
there's no point in trying to use/apply/implement them properly.  Instead, we
need to move everyone to PKI^H^H^Hbiometrics^H^H^HOpenID^H^H^H^Hsmart
cards^H^H^H^HOAuth^H^H^H^HPassport^H^H^H^HCardSpace^H^H^H... and then all our
problems will be solved.  Any minute now.

Peter.

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography

home	help	back	first	fref	pref	prev	next	nref	lref	last	post