diff -r 11f5f86bf956 -r 948f4b39d55d hws/hw01.tex
--- a/hws/hw01.tex	Wed Sep 09 11:08:54 2015 +0100
+++ b/hws/hw01.tex	Thu Sep 10 09:45:10 2015 +0100
@@ -104,6 +104,14 @@
 
 \item What is the difference between a brute force attack and a 
   dictionary attack on passwords? 
+  
+\item Even good passwords consisting of 8 characters, can be 
+  broken in around 50 days (obviously this time varies a lot and
+  also gets shorterand shorter). Do you think it is good 
+  policy to require users to change their password every 3 
+  months (as King's did until recently)? Under which 
+  circumstance should users be required to change their 
+  password?
 
 \item What are good uses of cookies (that is browser cookies)?