Re: is it rational to close the 139 port
- To: email@example.com
- Subject: Re: is it rational to close the 139 port
- From: Celejar <firstname.lastname@example.org>
- Date: Fri, 3 Aug 2012 10:28:13 -0400
- Message-id: <email@example.com>
- In-reply-to: <20120803072656.GA7609@tal>
- References: <20120730012708.GA10124@khazad-dum.debian.net> <20120730092100.GB12993@sid.nuvreauspam> <20120730101405.GB22006@khazad-dum.debian.net> <501692E6.firstname.lastname@example.org> <email@example.com> <firstname.lastname@example.org> <email@example.com> <firstname.lastname@example.org> <20120731083156.GK17427@tal> <email@example.com> <20120803072656.GA7609@tal>
On Fri, 3 Aug 2012 19:26:56 +1200
Chris Bannister <firstname.lastname@example.org> wrote:
> On Wed, Aug 01, 2012 at 10:22:09AM -0400, Celejar wrote:
> > There have been numerous well-publicized breaches at banks, major
> > retailers, etc. (and doubtless even more unpublicized ones). If / when
> > hackers get your credentials to one institution, do you really want
> > them to have the keys to all your accounts?
> OK, I downloaded pwgen, issued "pwgen -s 15 3" changed chosen password.
> All I have to worry about now is someone getting hold of that piece of
> paper. IOW, http://xkcd.com/792/, and Glenn's post tipped my thinking.
> Perhaps it is misleading for pwgen to state:
> -s, --secure These should only be used for machine passwords, since
> otherwise it's almost guaranteed that users will simply write the
> password on a piece of paper taped to the monitor...
I use the '-s' switch for all my passwords, and I store them in a
master file on my machine (which uses full disk encryption).