[ale] OT - New encryption technology using a piece of paper

Pete Hardie pete.hardie at gmail.com
Tue Sep 6 11:40:01 EDT 2011


I think the stateless nature of the web is an obstacle for this - how
do you tell it's a second/third/etc attempt when you would need to
track it for a large number of different logins per second (the rest
of your user population)?

It works for terminal logins because they are relatively few in
number, and essentially fixed in number.


On Tue, Sep 6, 2011 at 11:30, Drifter <drifter at oppositelock.org> wrote:
> I'm sorry. I guess I don't have a high enough Geek Quotient.  But I just
> don't get it.
> Can't the industry put a halt to brute force attempts at password cracking
> simply by instituting an ever-increasing delay following incorrect
> password input? It shouldn't be necessary to lock folks out after X wrong
> inputs; just increase the delay: 0.1 seconds; 0.2; 0.4;0.8;1.6 . . . . Or
> pick some other increasing variable. One computer may have the ability to
> output a gazillion passwords per second, but if the receiving computer
> won't allow the high speed input, the attempted crack fails.
>
> Sean
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>



-- 
Pete Hardie
--------
Better Living Through Bitmaps



More information about the Ale mailing list