On Fri, Dec 16, 2005 at 01:27:57PM +0100, Javier Fernández-Sanguino Peña wrote:
On Thu, Dec 15, 2005 at 05:54:34PM -0500, Noah Meyerhans wrote:Well, at least there's still *some* level of physical security there; an attacker has to be at your user's desk to get the password. Plus,Noah, meet binoculars: http://www.thinkgeek.com/electronics/cameras/798d/
Don't be flippant, it lowers the level of the discourse. His point was that the password written on the paper is a completely different category of security risk, and may be a much less serious risk (approaching non-existence) based on the environment in question--and that point is entirely valid. Don't make knee-jerk reactions to security dogma like "don't write down passwords" unless you have an understanding of the risks involved in a particular situation. FWIW, I'd love to know how your binoculars would be effective in anenvironment where the computer is facing a blank wall.
Mike Stone