Re: [OT] secure passwords
- To: debian-user@lists.debian.org
- Subject: Re: [OT] secure passwords
- From: John Hasler <jhasler@newsguy.com>
- Date: Tue, 31 Jul 2012 19:25:08 -0500
- Message-id: <[🔎] 87ehnrbgrf.fsf@thumper.dhh.gt.org>
- Reply-to: john@dhh.gt.org (John Hasler)
- In-reply-to: <20120731235738.GE395@dismay.proulx.com> (Bob Proulx's message of "Tue, 31 Jul 2012 17:57:38 -0600")
- References: <20120730012708.GA10124@khazad-dum.debian.net> <20120730092100.GB12993@sid.nuvreauspam> <20120730101405.GB22006@khazad-dum.debian.net> <501692E6.1050209@hardwarefreak.com> <87haspcogs.fsf@thumper.dhh.gt.org> <20120730161958.38c0564f@abydos.stargate.org.uk> <87d33dchqh.fsf@thumper.dhh.gt.org> <20120730181526.399068a2@abydos.stargate.org.uk> <20120731083156.GK17427@tal> <20120731155122.GA14597@playground> <20120731235738.GE395@dismay.proulx.com>
Bob writes:
> If you have some scheme of encoding the site into the password using
> some algorithm unique and secure to you then great.
> I generate truly random passwords and write them down.
So do I. The problem is that the _general public_ is constantly being
told "Never, ever, ever write down a password!". This leads directly to
widespread re-use of trivial passwords. Most people would be better off
with a list of random passords taped to the monitor than with what they
use now.
--
John Hasler
Reply to: