[ale] password management
Christopher Bergeron
christopher at bergeron.com
Wed Jul 23 11:53:30 EDT 2003
J.M. Taylor wrote:
>I always kept one copy in a firesafe somewhere, er, safe, just in case the
>Run Over By A Bus thing were to happen.
>
>I never got the chance to do the keychain thing, but I would think that
>using PGP/GPG to encrypt a file with your passwords, and storing that on a
>keychain USB drive would be pretty cool, as long as you trusted the
>machines you were using to decrypt said file. It *seems* safer than
>writing it down on a piece of paper and stuffing the paper into my wallet
>to get washed, etc, but would be interested to hear flaws in that idea.
>
jenn - How often do you wash your wallet? I think there might be more
than a password problem there. :)
>It also seems safer than the palm, just because pdas are easier to leave
>lying about than something stuck on your keychain (at least, for me). I
>also have no idea how the keychain USB drives work with Linux....
>
>Re Jonathan's mnemonics...couldn't I then use your hostname in a
>customized brute-force attack? Or is the length and complexity of the
>password enough to foil that kind of thing?
>
I think that's why Jonathan added the addendum post saying he uses
punctuation too. I hope he didn't accidently give out his algorithm...
Considering he's works at XCorp, I doubt that was the case.
-CB
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list