[ale] help - how do I log into learnstreet without ...

Wed Mar 27 17:39:18 EDT 2013

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 3/27/13 4:39 PM, Jim Kinney wrote:

> So you now have a zillion different web accounts that are TOTALLY 
> unlinked except that you use them. They all have a different 
> password.
> 
> 53
> 
> _separate_
> 
> logins
> 
> all so you can use lastpass and never remember any of the 
> passwords. Have you not heard of having classes of passwords? Some 
> really strong ones for banking sites. Some moderate ones for stuff 
> that matters but is not a crisis. And some "who gives a crap" 
> logins and passwords for stuff that is not really relevant. like a 
> crap twitter or gmail or faceplant account so you can access a 
> programming tutorial site.

Well, I thought that sounded crazy until I tallied my account/password
file, and came up with 63 different places I am tracking.  Now, I am
not at the point where all 63 of those have different passwords, but,
the account name and password combo is just about 1:1.  There are a
few classes that have similar passwords, and I've actually taken
opportunities as I do my monthly billing things to ensure I don't
reuse passwords, because of recent low-profile hacks leading to major
compromises.

That said, though, I would think nothing of adding account 64, 65, or
253.  That's what I have the tool for, and so, generating an account
for OpenID for the purpose of getting to a training site I am
interested in using doesn't give me any pause.  That's where I am now
with thinking what Ron is saying is a little unexpected.  He knows how
to use the tool, so, why is one more going to hurt?

Oh, and to further exemplify my insanity, most of the "password"
entries in my files are directions to read a PasswordCard
(http://www.passwordcard.org) that I have as an app on my phone, and I
have a few printed copies of so that my wife could lay hands on it in
case of my demise. I have been systematically doing the removal of
password in this file.

Paranoid?  Yeah, a bit, but recent events are proving that it could
happen, and while I'm hardly a high profile target right now, there
are things I am working on that should they prove successful, could
make me a target later.

And those are the accounts I care about.  The ones I don't (ie: I sign
up for something that I'll use once), all use a couple of set
passwords that are not part of the above set.  They get compromised,
and it shouldn't ever have an effect on the rest.

Even now, I read this message and I think I'm being obscenely
paranoid, but I got here for a reason...

And there's still are sites I need to change passwords on, or at least
try to do so to see if they've increased the level of entropy I can
introduce.

Brian

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQE4BAEBCAAiBQJRU2cGGxhoa3A6Ly9rZXlzZXJ2ZXIudWJ1bnR1LmNvbQAKCRD5
XCJY/q4Y6P8pB/9mU/SpfCNT1VDB6iBh6Oiw6ygrPbxf9CTY+At4p4evTdQizEDR
rDloABCGRa2+f6FoQVxfSV1ViJq8i6wJAOQ547JR965+3z+gXXe45/R4I9j1rsNb
d0md0uCObgflwBF20VVL0Kpk1Xzh1D41LiSClYLWedrXz+2JzRX9DmXsnlGgL92I
CpElQWnlSXAAmFu2UHFzoMEyRCdP2Tdqc5M5AJa+e7pAoHCwmA3wl8Fy0RoE1TVj
JeWEs3JZocULObPMY9rxCBv6IRqq/zYW/681DcU1oBpdRR8V5YTDj4FrE8la3O3T
SgshOSQhcMfjmWtWLR30ciyvA9vAqHfr4nNf
=D/zZ
-----END PGP SIGNATURE-----