On 22 Feb 2012, at 22:13, Tim Roberts wrote:

>> It may look a bit mysterious at this end, because it gives an impression of 
>> somebody hacking the mailing list, whereas in reality, the mail account has 
>> been hacked. One way to do the latter is to install a key logger in Internet 
>> cafes, a method common in some parts of the world, I am told.
> There is now a simple tool floating around the hacker community that
> does a brute-force dictionary attack on a mail server.  You give it a
> server name and a list of known email accounts, and it tries hundreds of
> thousands of common passwords.  Once they have your password, they can
> send mail through your server as if they were you.  Your account and
> your server get blacklisted, and it takes you days to wade through the
> millions of spam bounce messages you get in reply.
> The tool is simple enough that anyone can run it.  And since many
> people use simple passwords (like "password"), they generally get a hit
> pretty quickly.  If your email password is a simple word, NOW is the
> time to change it.  Use capitals, lower case, numbers, and symbols, if
> your provider allows them.  Consider, for example, using a phrase.  For
> example, "I love to play music".  Convert the "to" to "2", add an
> exclamation, and you might get "Il2pm!".  That's easy to remember but
> not easy to guess.

These days one can use a password entropy calculator - net searches on these 
words give several hits. Cf.

On OS X, there is one in System Preferences -> Users & Groups -> Change 
Password, and click on the key icon. To see the entropy, hold the pointer still 
over the over the quality bar. For example, "helloworld" gets entropy 13.0 
(poor), but "h e l l o  w o r l d !" get entropy 130.0 (good).


lilypond-user mailing list

Reply via email to