--- a/handouts/ho01.tex	Mon Oct 27 12:30:38 2014 +0000
+++ b/handouts/ho01.tex	Tue Oct 28 16:33:53 2014 +0000
@@ -577,19 +577,28 @@
 against a focused attack against a single password and also
 does not make poorly chosen passwords any better. Still the
 moral is that you should never store passwords in plain text.
-Never ever.\medskip
+Never ever.
+
+\subsubsection*{Further Reading}
 
-\noindent
-If you want to know more about passwords I recommend viewing some
-youtube videos from the PasswordCon(ference) which takes place each
-year. The book by Bruce Schneier about Applied Cryptography is also
-recommendable, though quite expensive.  Clearly, passwords are a
-technology that comes to the end of its usefulness, because brute
-force attacks become more and more powerful and it is unlikely that
-humans get any better in remembering (securely) longer and longer
-passwords. The big question is which technology can replace
-passwords\ldots
-\end{document}
+If you want to know more about passwords I recommend viewing
+some youtube videos from the PasswordCon(ference) which takes
+place each year. The book by Bruce Schneier about Applied
+Cryptography is also recommendable, though quite expensive.
+There is also another expensive book about penetration
+testing, but the readable chapter about passwords (Chapter 9)
+is free:
+
+\begin{center}
+\url{http://www.nostarch.com/pentesting}
+\end{center}
+
+\noindent Clearly, passwords are a technology that comes to
+the end of its usefulness, because brute force attacks become
+more and more powerful and it is unlikely that humans get any
+better in remembering (securely) longer and longer passwords.
+The big question is which technology can replace
+passwords\ldots \end{document}
 
 %%% Local Variables: 
 %%% mode: latex