BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Password managers
- Subject: [Discuss] Password managers
- From: kentborg at borg.org (Kent Borg)
- Date: Wed, 6 May 2020 20:26:17 -0400
- In-reply-to: <5eb34f22.1c69fb81.8746.1128@mx.google.com>
- References: <9c4a5c7e-55aa-8ae1-da3b-4512cb2ae85c@gmail.com> <5eb1f81d.1c69fb81.80c8b.07ca@mx.google.com> <CANiupv686GBC5EZVsiEf831-b4i0E3NjZ3fnsDToM02z1zjUNg@mail.gmail.com> <5eb223cd.1c69fb81.6fa04.3ab5@mx.google.com> <0cbc8403-48a5-14bd-524c-a4eded6b64fa@borg.org> <e2be00f8-8de6-4645-e71b-a5d14f78ede7@borg.org> <5eb2d4b7.1c69fb81.c9540.9f0b@mx.google.com> <2fc76d5b-e5bd-2aa4-7002-7e7b65461d76@borg.org> <5eb2f4ba.1c69fb81.676b1.a824@mx.google.com> <bc8f39ad-543c-9be6-169b-b8b2c13261a9@borg.org> <5eb2fac0.1c69fb81.34622.b7dd@mx.google.com> <31156b7d-880c-f77f-0972-f1ebbe4ab837@borg.org> <5eb34f22.1c69fb81.8746.1128@mx.google.com>
On 5/6/20 7:58 PM, Rich Pieri wrote: > Proof against dictionary and rainbow table attacks against compromised > account databases, Why do you care about rainbow attacks? Once a site is so badly compromised that an attacker the account database...what difference does it make if your plaintext password can be acquired? They are so owned. Unless you have reused that password elsewhere... > and making brute force atacks against my accounts > take longer than the low hanging fruit. I'm content to have password lives that are on-order similar to my life. I don't see the purpose in password lives that are on-order matched to longer than the expected live of the universe. > I call straw man. My passwords are not used by a human being beyond > generation and copy-pasting into my vaults. Therefore, human-centric > constraints such as being memorable are unnecessary. Therefore, there > is no actual cost or loss of security. Which is near where we started. By having passwords so cumbersome that they require convenience-driven password management you are betting that your password manager software is, for some magical reason, bug-free. -kb
- Follow-Ups:
- [Discuss] Password managers
- From: kentborg at borg.org (Kent Borg)
- [Discuss] Password managers
- References:
- [Discuss] Password managers
- From: j.natowitz at gmail.com (Jerry Natowitz)
- [Discuss] Password managers
- From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] Password managers
- From: sweetser at alum.mit.edu (Doug)
- [Discuss] Password managers
- From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] Password managers
- From: kentborg at borg.org (Kent Borg)
- [Discuss] Password managers
- From: kentborg at borg.org (Kent Borg)
- [Discuss] Password managers
- From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] Password managers
- From: kentborg at borg.org (Kent Borg)
- [Discuss] Password managers
- From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] Password managers
- From: kentborg at borg.org (Kent Borg)
- [Discuss] Password managers
- From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] Password managers
- From: kentborg at borg.org (Kent Borg)
- [Discuss] Password managers
- From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] Password managers
- Prev by Date: [Discuss] Password managers
- Next by Date: [Discuss] Password managers
- Previous by thread: [Discuss] Password managers
- Next by thread: [Discuss] Password managers
- Index(es):