[Dovecot] Heartbleed openssl vulnerability?

Reindl Harald h.reindl at thelounge.net
Thu Apr 10 03:35:22 UTC 2014


Am 10.04.2014 02:28, schrieb Tim Groeneveld:
> ----- Original Message -----
>>
>> the same for the class of not that critical passwords, generated
>> with random algorithms and because that stored in password safes
>> which *may* be compromised but better than "shitpwd-year-moth-123"
>>
>> so stop this polemic, there is no asbolute right solution in case
>> of credentials and before a user chosses "fuckingadmin123" i prefer
>> passwords like "!Y*c*k*m*b*S!*"
>>
> 
> I think now is a good time to point you to http://xkcd.com/936/
> 
> I would prefer "SuitableChooseNewspaper57" over "!Y*c*k*m*b*S!*"
> because I know that the first is definitely less likely to be
> stored on the back of a keyboard, or in a Word document
> named "Passwords.doc".
> 
> Plus, Suitable Choose Newspaper 57? Easy to say over the phone
> if someone ever needs my password

you missed that bit:

>>> 09.04.2014 19:54, schrieb Reindl Harald:
>>>> i have faced users in real life with where punsihed by
>>>> change their passwords each month

maybe *now* that you can't use "SuitableChooseNewspaper57"
as well as "SuitableChooseNewspaper58" the next month where
such policies are applied or anything else you remember you
understand what i mean and the next time read the whole thread
before you reply to pieces out of context

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140410/3cc76f92/attachment.sig>


More information about the dovecot mailing list