--- begin forwarded text
Delivered-To: [EMAIL PROTECTED] Date: Mon, 17 Oct 2005 20:02:26 -0400 To: Philodox Clips List <[EMAIL PROTECTED]> From: "R.A. Hettinga" <[EMAIL PROTECTED]> Subject: [Clips] Bypassing the Password Prompt Reply-To: [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] <http://www.washingtonpost.com/wp-dyn/content/article/2005/10/15/AR2005101500178_pf.html> The Washington Post washingtonpost.com Bypassing the Password Prompt By Mike Musgrove Washington Post Staff Writer Sunday, October 16, 2005; F07 So many passwords, so little memory. In a digital era where everybody can access everything from bank information to vacation photos online, passwords are everywhere and many folks in the plugged-in world are finding they have more than they can remember. Password-management software, designed to give people a safe place to stash all those secret codes, has become a mini-industry unto itself. For Mac users, Apple has even built a password-stashing program, called Keychain, into the operating system. Security expert Bruce Schneier, the author of a free program for Windows users, got so tired of having to keep a lot of seldom-used passwords in his head that he designed a digital-locker program that he gives away at his security-focused blog, http://www.schneier.com/ . Schneier says his program, which is basically a notepad locked under its own password, uses "military-level" encryption. "Basically, the idea is that you could hand this file to your worst enemy, and he still couldn't get to your passwords," he said. Just don't come complaining to him if you forget the password that you use to open the program because he has no way to access it. Schneier's program requires users to copy and paste their password from his program to any password-protected application or Web site. For users looking to reclaim a few more precious seconds from their daily Web routine, there's another program that makes things even a little easier. A security widget from Siber Systems Inc., a small software company in Fairfax, automates the process of logging on to password-protected Web sites. Click on your "Hotmail" entry in the program, for example, and RoboForm will automatically enter your information and log you in to the Web-based e-mail program. If you like, the program will even randomly generate a password for you, all the better for protecting that valuable info locked up at your online stock account. Siber Systems marketing executive Bill Carey says that the program, which will also stash your credit card information and fill it out when you make purchases online, has been downloaded 6 million times since its launch in 2001. The company offers a free trial version of the software at http://www.roboform.com/ ; the full version costs $29.95. Sometimes Web users can circumvent the process of having to use a password at all. For Web surfers who don't want to register at pesky news sites that want your e-mail address and demographic information, one site, http://www.bugmenot.com , is a clearinghouse for bogus accounts. It'll set you up with cheeky fake names and passwords -- like "[EMAIL PROTECTED]" and "death_to_logons" -- that already work on the site you're trying to access. Though Bugmenot.com is primarily a handy way to avoid registering at a news site -- the site lists washingtonpost.com as an offender -- it also pitches itself as a social movement for those who find it annoying that such Web sites ask for personal information. The site has a petition online, a protest "to demonstrate the pointless nature of forced Web site registration schemes and the dubious demographic data they collect." By signing the petition, Bugmenot.com users vow to create a fake account at one of the "top ten offending sites" on Nov. 13, which the site dubs "Internet Advertiser Wakeup Day." -- ----------------- R. A. Hettinga <mailto: [EMAIL PROTECTED]> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' _______________________________________________ Clips mailing list [EMAIL PROTECTED] http://www.philodox.com/mailman/listinfo/clips --- end forwarded text -- ----------------- R. A. Hettinga <mailto: [EMAIL PROTECTED]> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
