BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Most common (or Most important) privacy leaks
- Subject: [Discuss] Most common (or Most important) privacy leaks
- From: gaf at blu.org (Jerry Feldman)
- Date: Sat, 21 Feb 2015 08:04:06 -0500
- In-reply-to: <54E4CC30.5090009@gmail.com>
- References: <BN3PR0401MB12046B091F0FA6E67DDB34A2DC2F0@BN3PR0401MB1204.namprd04.prod.outlook.com> <54E366FE.3060806@borg.org> <BN3PR0401MB1204BCFBB4B81B46A3F6A020DC2F0@BN3PR0401MB1204.namprd04.prod.outlook.com> <54E37F9E.9040001@borg.org> <54E388A3.9080608@mattgillen.net> <54E391AE.2000304@borg.org> <54E39B78.1050909@borg.org> <BN3PR0401MB120461F5A6D32B345AC39231DC2F0@BN3PR0401MB1204.namprd04.prod.outlook.com> <54E3B908.9090809@gmail.com> <CANiupv5ogzhJeFOoF=RFXPO8SZe7G+__yb-5aep0PgaFtS=Ymw@mail.gmail.com> <54E403EA.5010305@gmail.com> <CAJFsZ=o9H0mOTUA0nmLonf6=uDRnL2FAr-VScfzQ7u1D6hqHFQ@mail.gmail.com> <54E4CC30.5090009@gmail.com>
On 02/18/2015 12:30 PM, Richard Pieri wrote: > On 2/18/2015 11:20 AM, Bill Bogstad wrote: >> And the same users are going to use "Four score ...." if you require >> longer passwords, >> so you lose anyway. > > I did preface that with "[p]assword reform starts with...". > > Key chain managers can be a good next step. They allow the use of > arbitrary, random gibberish as passwords in a way that users only need > to remember one good password for unlocking the key chain. In essence > they can do the same thing that heavy duty encryption systems do: they > generate large random keys for actual encryption and encrypt these > keys with user-provided passwords or passphrases. This way you can > have strong passwords without any password reuse. Link a key chain > manager to a trustworthy third party and you can have a robust > password management system that is resistant to attacks. > One issue I had with SecureID years ago was that it required you to log in within a certain amount of time. The number on the Secure Id was hard to read, and it would take me a couple of times before I was able to type in the number and the pin before the time out. But, I would agree that keychain managers are a viable solution. -- Jerry Feldman <gaf at blu.org> Boston Linux and Unix PGP key id:B7F14F2F PGP Key fingerprint: D937 A424 4836 E052 2E1B 8DC6 24D7 000F B7F1 4F2F
- References:
- [Discuss] Most common (or Most important) privacy leaks
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] Most common (or Most important) privacy leaks
- From: kentborg at borg.org (Kent Borg)
- [Discuss] Most common (or Most important) privacy leaks
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] Most common (or Most important) privacy leaks
- From: kentborg at borg.org (Kent Borg)
- [Discuss] Most common (or Most important) privacy leaks
- From: me at mattgillen.net (Matthew Gillen)
- [Discuss] Most common (or Most important) privacy leaks
- From: kentborg at borg.org (Kent Borg)
- [Discuss] Most common (or Most important) privacy leaks
- From: kentborg at borg.org (Kent Borg)
- [Discuss] Most common (or Most important) privacy leaks
- From: blu at nedharvey.com (Edward Ned Harvey (blu))
- [Discuss] Most common (or Most important) privacy leaks
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Most common (or Most important) privacy leaks
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Most common (or Most important) privacy leaks
- From: bogstad at pobox.com (Bill Bogstad)
- [Discuss] Most common (or Most important) privacy leaks
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Most common (or Most important) privacy leaks
- Prev by Date: [Discuss] Most common (or Most important) privacy leaks
- Next by Date: [Discuss] Most common (or Most important) privacy leaks
- Previous by thread: [Discuss] Most common (or Most important) privacy leaks
- Next by thread: [Discuss] Most common (or Most important) privacy leaks
- Index(es):
