[ale] passwords

wes smith james007wjs at gmail.com
Sat Feb 12 14:53:46 EST 2011


Only problem with lastpass and keepassx is the single password to
store all your passwords
https://www.passwordcard.org/
The secure way to use sticky notes

> That's pretty cool.  Lasspass is a neat option that stores all you long
> cryptic passwords in an encrypted vault and automatically feeds them to
> website login screens when needed.  Everything is protected by a master
> password.  You could use your strategy for the master password.
>
> Ron
>
> On 02/12/2011 11:04 AM, Drifter wrote:
>>
>> the recent chatter about network security has, mostly, skirted around
>> the password problem. Too many web sites that need strong security
>> restrict passwords by length, or character set, or both. So also do
>> many corporate web sites. Software exists that can generate random
>> alphanumeric passwords, but they routinely suffer the same fault:
>> being difficult to remember, users end up with notes taped to
>> monitors, voiding the security.
>>
>> For the past decade or so I have been recommending that computer users
>> pick out several favorite poems/songs and use them to generate passwords.
>>
>> For example, fans of mathematics might reach for Lewis Carroll:
>>
>> The time has come, the Walrus said, to talk of many things,
>>
>> which would generate the short password <tthctwsttomt>, which munged
>> just a little bit becomes <TthctW5ttomT>.
>>
>> or perhaps,
>>
>> 'Twas brillig, and the slithy toves
>> Did gyre and gimble in the wabe
>>
>> which would generate <tbatstDgagitw>
>>
>> English majors might prefer something from "The Love Song of J. Alfred
>> Prufrock":
>>
>> In the room the women come and go,
>>
>> Talking of Michelangelo.
>>
>> Or the opening of "A Tale of Two Cities":
>>
>> It was the best of times, it was the worst of times;
>>
>> I do not, for obvious reasons, ever suggest the song
>>
>> "All I want for Christmas is a hippopotamus." :)
>>
>> The people I advise do not understand the need for encryption, so the
>> topic of pass phrases does not usually come up. Memorable quotations
>> from obscure works are ideal, but all too often are not considered.
>>
>> I wish that financial institutions would lift restrictions on password
>> length and complexity, but that would, almost certainly, entail
>> reworking a poorly crafted database.
>>
>> Sean



More information about the Ale mailing list