james007wjs at gmail.com
Sat Feb 12 14:53:46 EST 2011
Only problem with lastpass and keepassx is the single password to
store all your passwords
The secure way to use sticky notes
> That's pretty cool. Lasspass is a neat option that stores all you long
> cryptic passwords in an encrypted vault and automatically feeds them to
> website login screens when needed. Everything is protected by a master
> password. You could use your strategy for the master password.
> On 02/12/2011 11:04 AM, Drifter wrote:
>> the recent chatter about network security has, mostly, skirted around
>> the password problem. Too many web sites that need strong security
>> restrict passwords by length, or character set, or both. So also do
>> many corporate web sites. Software exists that can generate random
>> alphanumeric passwords, but they routinely suffer the same fault:
>> being difficult to remember, users end up with notes taped to
>> monitors, voiding the security.
>> For the past decade or so I have been recommending that computer users
>> pick out several favorite poems/songs and use them to generate passwords.
>> For example, fans of mathematics might reach for Lewis Carroll:
>> The time has come, the Walrus said, to talk of many things,
>> which would generate the short password <tthctwsttomt>, which munged
>> just a little bit becomes <TthctW5ttomT>.
>> or perhaps,
>> 'Twas brillig, and the slithy toves
>> Did gyre and gimble in the wabe
>> which would generate <tbatstDgagitw>
>> English majors might prefer something from "The Love Song of J. Alfred
>> In the room the women come and go,
>> Talking of Michelangelo.
>> Or the opening of "A Tale of Two Cities":
>> It was the best of times, it was the worst of times;
>> I do not, for obvious reasons, ever suggest the song
>> "All I want for Christmas is a hippopotamus." :)
>> The people I advise do not understand the need for encryption, so the
>> topic of pass phrases does not usually come up. Memorable quotations
>> from obscure works are ideal, but all too often are not considered.
>> I wish that financial institutions would lift restrictions on password
>> length and complexity, but that would, almost certainly, entail
>> reworking a poorly crafted database.
More information about the Ale