Re: is it rational to close the 139 port
- To: firstname.lastname@example.org
- Subject: Re: is it rational to close the 139 port
- From: Chris Bannister <email@example.com>
- Date: Fri, 3 Aug 2012 19:26:56 +1200
- Message-id: <20120803072656.GA7609@tal>
- In-reply-to: <firstname.lastname@example.org>
- References: <20120730012708.GA10124@khazad-dum.debian.net> <20120730092100.GB12993@sid.nuvreauspam> <20120730101405.GB22006@khazad-dum.debian.net> <501692E6.email@example.com> <firstname.lastname@example.org> <email@example.com> <firstname.lastname@example.org> <email@example.com> <20120731083156.GK17427@tal> <firstname.lastname@example.org>
On Wed, Aug 01, 2012 at 10:22:09AM -0400, Celejar wrote:
> There have been numerous well-publicized breaches at banks, major
> retailers, etc. (and doubtless even more unpublicized ones). If / when
> hackers get your credentials to one institution, do you really want
> them to have the keys to all your accounts?
OK, I downloaded pwgen, issued "pwgen -s 15 3" changed chosen password.
All I have to worry about now is someone getting hold of that piece of
paper. IOW, http://xkcd.com/792/, and Glenn's post tipped my thinking.
Perhaps it is misleading for pwgen to state:
-s, --secure These should only be used for machine passwords, since
otherwise it's almost guaranteed that users will simply write the
password on a piece of paper taped to the monitor...
"If you're not careful, the newspapers will have you hating the people
who are being oppressed, and loving the people who are doing the
oppressing." --- Malcolm X