[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: is it rational to close the 139 port

On Fri, 3 Aug 2012 19:26:56 +1200
Chris Bannister <cbannister@slingshot.co.nz> wrote:

> On Wed, Aug 01, 2012 at 10:22:09AM -0400, Celejar wrote:
> > There have been numerous well-publicized breaches at banks, major
> > retailers, etc. (and doubtless even more unpublicized ones). If / when
> > hackers get your credentials to one institution, do you really want
> > them to have the keys to all your accounts?
> OK, I downloaded pwgen, issued "pwgen -s 15 3" changed chosen password. 
> All I have to worry about now is someone getting hold of that piece of
> paper. IOW, http://xkcd.com/792/, and Glenn's post tipped my thinking.
> Perhaps it is misleading for pwgen to state:
> [...]
> -s, --secure  These should only be used for machine passwords, since
> otherwise it's almost guaranteed that users will simply write the
> password on a piece of paper taped  to the monitor...

I use the '-s' switch for all my passwords, and I store them in a
master file on my machine (which uses full disk encryption).


Reply to: