[Discuss] Password managers
Doug
sweetser at alum.mit.edu
Wed May 6 21:44:34 EDT 2020
> And even
> then be really worried that, though your password software and how you
> use it might be really, really excellent, if someone has spyware on your
> machine that targets your password software, you are *so* screwed.
>
> This stuff is terrifying.
Less so if one uses two-step verification. I could type my username and
password for GMail and lastpass right here and you would not be able to get
in. The reason: you don't have my Yubikey. Most banks and credit card
companies use people's cell phones as a 2SV. The cell phone is not as good
as a Yubikey, but the second step means your money is not immediately gone
due to spyware. Spyware folks do not also steal millions of cell phones.
On Wed, May 6, 2020 at 8:44 PM Kent Borg <kentborg at borg.org> wrote:
> On 5/6/20 8:37 PM, Kent Borg wrote:
> > Choose and deploy password in such a way that you can survive many bugs.
>
> ...password software in such a way...
>
> -kb
>
>
> _______________________________________________
> Discuss mailing list
> Discuss at lists.blu.org
> http://lists.blu.org/mailman/listinfo/discuss
>
More information about the Discuss
mailing list