A better way to think about passwords
Faramir
faramir.cl at gmail.com
Wed Apr 27 00:47:55 CEST 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
El 24-04-2011 13:47, Ingo Klöcker escribió:
> On Sunday 24 April 2011, Faramir wrote:
...
>> You can store them in a password manager, it's more secure than a
>> txt file or a post-it on the screen.
>
> That's not true. A Post-It is much more secure if you do not have to
> keep the password secret from people who have physical access to your
> computer. For most home users this should be the case.
Indeed. In fact, I keep some passwords on paper, just in case I can't
use my password manager (like the password to access the site where I
stored the password manager database backup. It doesn't include the
passphrase to open the backup, just in case).
By the way, I just found something interesting: an extension for
Firefox, to make different passwords for each site, but all of them
based on a single "master password", so people just need to remember 1
password, and yet knowing the password for 1 site won't grant the
attacker access to the other sites.
Here is the link:
http://trac.arantius.com/wiki/Extensions/MagicPasswordGenerator
I'm not saying that addon or that practice is safe, I'm just saying
the concept is interesting. I'm not saying it is unsafe, either.
Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBCAAGBQJNt0ubAAoJEMV4f6PvczxAS88H/iRHOhktDKveJRtjwoMw3NBo
Z0hSKNRBHFf25cJ0G+jA09XP5+MP3ldTU4inWu5mm3jmSafCyRFPdf6Q0UB7hIO3
pYPd7x2GoqjiUfdAnZPhK648myd/m4/XaYlGQsjspmj9S/Omcx/okW0OgGCe1jn6
JZ7lCzaLoyI7Rxj+wTLVNaVwrPMBvcikYvN5HLnCgco6g5LXzgxBDT2LntI2LkWE
+QTe+rSwYLEu2bAQkqkj9W90Jgkh+loCBWXkI/xoROAwtAxEPNB3nhxoxljETWxx
SHMBcfqwHlDh6vo5Vh//yqGbPaqqcQ3ESURSBS19Gwa0KJ2HwDver0cr49XAxEk=
=vpMd
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list