Hi,

Brian wrote:

> I think you had a provider's compromised database in mind when you wrote
> this.

Yes. That's how an attacker can get the biggest harvest, and also the risk which you cannot influence from remote.

> An attacker would be limited by his imagination and monetary and
> time costs but, in the end, it could be assumed he would get something
> out of it.

It would be desirable if he could not get your password before the service provider takes notice of the theft and decides to take action.

> The compromise is also not the user's responsibility and it is
> unfair to put the burden for mitigating it on him

If suddenly money vanishes from your account or luxury goods get ordered at your expense, then it will possibly be seen as a lame excuse if you point to a possible password theft.

> Guessable? Is this the type of guessing done by friends, acquaintances
> and close family members to try to get at your gmail or bank account?

I rather think of web crawlers, statistical tools, and artificial intelligence in the field of human psychology. The goal is to avoid most of the tries with passwords which a human is very unlikely to create.

> Random is excellent; write it down or use a password manager.

The first advice was deprecated for a long time but seems now to be revived by the necessity to use superhumanly safe passwords. Need makes one courageous.

The second way means that you give all your passwords to one or a few pieces of software, which might be safe, maybe. You still need to memorize at least one password that is good enough to guard all the others.

As for allowing only a limited frequency of tries: If the attacker can steal the encrypted passwords, then he can probably create a version of the password manager software which makes as many tries as fast as the CPU can do. It would help a lot if nobody knows how to make the tries fast.

Have a nice day :)

Thomas
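The last point of the message, that online rate limiting does not apply once the encrypted vault is stolen and that the remaining defence is making each try expensive, as an added example that is not part of the thread: a toy vault-unlock check built on PBKDF2-HMAC-SHA256 (assumed here as a stand-in for whatever a real password manager uses), with a timer that shows how the iteration count sets the per-guess cost an offline guesser must pay on one CPU core.

```python
# Added example, not from the mailing-list thread. The vault format and
# password are constructed; PBKDF2 is an assumed stand-in for a real
# password manager's key derivation.
import hashlib
import hmac
import os
import time


def make_verifier(master_password: str, iterations: int, salt: bytes = None) -> dict:
    """Derive the vault key; a real manager stores salt + work factor beside the ciphertext."""
    salt = salt if salt is not None else os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, iterations, dklen=32)
    return {"salt": salt, "iterations": iterations, "key": key}


def unlock(vault: dict, candidate: str) -> bool:
    """The check the legitimate client runs once; an offline guesser must run it per try."""
    key = hashlib.pbkdf2_hmac("sha256", candidate.encode(), vault["salt"], vault["iterations"], dklen=32)
    return hmac.compare_digest(key, vault["key"])


def guesses_per_second(vault: dict, samples: int = 5) -> float:
    """Measure how many candidates one core can test per second against this vault."""
    start = time.perf_counter()
    for i in range(samples):
        unlock(vault, f"constructed-guess-{i}")  # constructed wrong guesses
    return samples / (time.perf_counter() - start)


def seconds_to_exhaust(entropy_bits: float, gps: float) -> float:
    """Worst-case seconds to try every password of the given entropy at gps guesses/s."""
    return (2.0 ** entropy_bits) / gps


if __name__ == "__main__":
    # Same master password, two work factors: the only thing that changes is
    # the price of each guess, which is exactly what "make the tries slow" buys.
    for iters in (1, 100_000):
        vault = make_verifier("constructed-master-password", iters)
        gps = guesses_per_second(vault)
        days = seconds_to_exhaust(40, gps) / 86400
        print(f"{iters:>7} iterations: {gps:,.0f} guesses/s per core; "
              f"a 40-bit password is exhausted in about {days:,.1f} days")
```

The iteration count only multiplies the attacker's cost; the master password's entropy still sets the base, which is why the one password you still have to memorise must be good.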