Assurance

[Brian Arkills <>]

Has anyone extended this tool to account for multiple identity providers with the same shared secret for a given user and a larger set of possible characters? These seem like the two most obvious shortcomings that'd it'd be nice to take into account.

 

From: [mailto:] On Behalf Of Dean Woodbeck
Sent: Tuesday, December 13, 2011 10:15 AM
To:
Subject: Re: [Assurance] Password scheme design tool...

 

Hi Mark,

NIST used to have a password entropy tool on their website, but it was taken down a couple of years back. I downloaded it prior to its demise and have attached it, in case this might help.

Dean

On Dec 13, 2011, at 1:05 PM, Mark John Rank wrote:

> Folks:
>
> I use to have a spreadsheet tool that allowed me to
> model the entropy strength for a credential by adjusting
> different parameters (#char, size of character set, TTL,
> lockout rule, etc.).  I appear to have lost track of
> it and was wondering if the collective could suggest/share/point
> me to a replacement resource?  I thought I would ask
> before trying to reconstruct from first principles.
>
> Thanks in advance,
> Mark
>
> ------------------------------------------
> Mark Rank - IAM Program Manager
> University Information Technology Services
> UW-Milwaukee                      
> Email:            
> Phn:  414-229-3706    
> ------------------------------------------
>