Secure character length for a pre-shared key

Unanswered Question
Dec 7th, 2007

Hey folks,

We're implementing a router-to-router IPSEC VPN using pre-shared keys. How many characters would you use in order to fell as though you have a "strong" pre-shared key?

Also, while testing this in the lab, I noticed that although I have "service password-encryption" enabled, the pre-shared keys show up in plaintext next to my "crypto isakmp key" commands. Any way to hide it?

Thanks,

SM

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.3 (3 ratings)
Loading.
ccbootcamp Fri, 12/07/2007 - 08:36

I like to use a minimum of 12 char. mixing it up between upper case, lower case, numeric, and symbols. Just my rule of thumb.

No way to hide the key, sorry. Just use some crazy, long key that makes no sense. Heck, but the word ENCRYPTED before or after it as well and you'll really confuse someone!!! :)

-brad

www.ccbootcamp.com

(please rate the post if this helps!)

Actions

This Discussion