On Fri, 11 Apr 2014 17:40:36 -0400, Walter Bright
<[email protected]> wrote:
On 4/11/2014 9:55 AM, Steven Schveighoffer wrote:
On Fri, 11 Apr 2014 12:42:31 -0400, Walter Bright
<[email protected]>
wrote:
On 4/11/2014 5:18 AM, Steven Schveighoffer wrote:
If, after the last year of hacking, and the heartbleed bug, people
are not using
password tracker/generators, you haven't learned anything :)
But those pw managers are a single point of failure. One mistake and
you've
compromised or lost everything.
What mistake?
Having a single password for everything. Heck, you could simply forget
that password.
There are dual-factor authentication options, including hardware-based
ones.
Forgetting the password is unlikely. I only have to remember one.
If your machine it is installed on is stolen, you've lost all your
passwords.
Etc.
Read about LastPass. Your last-pass vault is encrypted and stored in
the cloud.
Or there could be a bug in LastPass that makes it crackable. Not like
something like that has never happened before (cough, cough), again, a
single point of failure and everything is lost.
Again, read up.
I remember a while back about someone with a Mac password vault lost his
whole online life when the vault got compromised.
I'm sure there are a couple anecdotes about people who aren't very careful
with their master password. I'm also quite sure the number of people who
use the same password everywhere that have been compromised is far greater.
I'm not one who has the memory for remembering lots of passwords, so this
is a much better solution for me. I used to be one of those who uses the
same password everywhere. Not any more. I still think the password
manager's drawbacks are not as bad as the alternative's.
-Steve
