[ARIN-consult] Consultation on Requiring Two-Factor Authentication (2FA) for ARIN Online Accounts

Owen DeLong owen at delong.com
Wed May 25 23:05:20 EDT 2022


A good point… Obtaining and comparing against compromised password lists is fairly trivial and provides computational low hanging fruit here.

Owen


> On May 25, 2022, at 10:15, Gary Buhrmaster <gary.buhrmaster at gmail.com> wrote:
> 
> On Wed, May 25, 2022 at 3:41 PM Ross Tajvar <ross at tajvar.io> wrote:
> 
>> .... And even then, a sufficiently long passphrase using dictionary words is pretty secure (vs a short one)
> 
> As long as the passphrase is not "correcthorsebatterystaple"
> which is now in lists of well known compromised passwords.
> 
> (obligatory xkcd ref: https://xkcd.com/936/ )
> _______________________________________________
> ARIN-Consult
> You are receiving this message because you are subscribed to the ARIN Consult Mailing
> List (ARIN-consult at arin.net).
> Unsubscribe or manage your mailing list subscription at:
> https://lists.arin.net/mailman/listinfo/arin-consult Please contact the ARIN Member Services
> Help Desk at info at arin.net if you experience any issues.



More information about the ARIN-consult mailing list