[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-users
Subject: Re: A better way to think about passwords
From: Faramir <faramir.cl () gmail ! com>
Date: 2011-04-26 22:47:55
Message-ID: 4DB74B9B.2070809 () gmail ! com
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
El 24-04-2011 13:47, Ingo Klöcker escribió:
> On Sunday 24 April 2011, Faramir wrote:
...
>> You can store them in a password manager, it's more secure than a
>> txt file or a post-it on the screen.
>
> That's not true. A Post-It is much more secure if you do not have to
> keep the password secret from people who have physical access to your
> computer. For most home users this should be the case.
Indeed. In fact, I keep some passwords on paper, just in case I can't
use my password manager (like the password to access the site where I
stored the password manager database backup. It doesn't include the
passphrase to open the backup, just in case).
By the way, I just found something interesting: an extension for
Firefox, to make different passwords for each site, but all of them
based on a single "master password", so people just need to remember 1
password, and yet knowing the password for 1 site won't grant the
attacker access to the other sites.
Here is the link:
http://trac.arantius.com/wiki/Extensions/MagicPasswordGenerator
I'm not saying that addon or that practice is safe, I'm just saying
the concept is interesting. I'm not saying it is unsafe, either.
Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBCAAGBQJNt0ubAAoJEMV4f6PvczxAS88H/iRHOhktDKveJRtjwoMw3NBo
Z0hSKNRBHFf25cJ0G+jA09XP5+MP3ldTU4inWu5mm3jmSafCyRFPdf6Q0UB7hIO3
pYPd7x2GoqjiUfdAnZPhK648myd/m4/XaYlGQsjspmj9S/Omcx/okW0OgGCe1jn6
JZ7lCzaLoyI7Rxj+wTLVNaVwrPMBvcikYvN5HLnCgco6g5LXzgxBDT2LntI2LkWE
+QTe+rSwYLEu2bAQkqkj9W90Jgkh+loCBWXkI/xoROAwtAxEPNB3nhxoxljETWxx
SHMBcfqwHlDh6vo5Vh//yqGbPaqqcQ3ESURSBS19Gwa0KJ2HwDver0cr49XAxEk=
=vpMd
-----END PGP SIGNATURE-----
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic