PW management (was Re: break-in attempts)
Nicholas Bodley
nbodley at speakeasy.net
Mon Nov 21 17:50:22 EST 2005
On Mon, 21 Nov 2005 13:28:21 -0500, Rich Braun <richb at pioneer.ci.net>
wrote:
> Do you have some secrets on successful use?
Well not exactly. However, I did use a scheme that might be worth a
mention.
<chat>
A while back, I worked at a small computer store, and the store's machine
was password-protected. Because I often opened the store and was the only
employee there for much of the business day, it would have been bad to
lose or forget my password, and I'm a strong believer in
difficult-to-guess passwords; being an amateur linguist and very good
speller helps.
</kitty>
Being well aware of the risks of writing down passwords, I added a limited
degree of compromising difficulty by interleaving extra letters into the
machine's password before writing it down. Only I would know which letters
were "real" and which were meaningless, but the written version was a good
reminder, showing details like letter cases and embedded digits. I didn't
tell many people what I was doing, eitther. One copy was in my wallet, and
another on a slip of paper in the desk drawer. One might think of it as
quite-crude steganography that confounds by inability to distinguish
meaningful from meaningless characters.
This situation was far less likely to be attacked, I'd say, than something
like a server in a large company, where such a scheme might eventually
become known.
(In high school, we had combination locks for our lockers, and the combo.
was not changeable. I had trouble with over-the-shoulder gazing. I had
opened up a discarded combo. padlock and had learned how the mechanism
works (it's quite clever, and very simple), so I was able to make the
middle disc (of three) go back and forth (and maybe even the rear disc)
until the gazer gave up trying to memorize a dozen or so numbers.)
For me, Bruce Schneier has some excellent advice and commentary about
security, even if he does use Windows.
Regards,
--
Nicholas Bodley /*|*\ Waltham, Mass. (Not "MA")
Science education in Kansas: The water in
the oceans does not fall off the edges of the
Earth because it is God's will that it not do so.
More information about the Discuss
mailing list