I recently added a mac mini to my digital ecology, and it got me bustling about tidying up a bit.
One area is logins. I fixed the mini so that I can ssh to it, but only via crypto (ssh-keygen) keys. I had a port-scan within 2 hours of forwarding port 22 from my airport, so feel that passwords simply are a Bad Idea in this day and age. My ISP also lets me use key pairs so that got me thinking about alternatives to name/password logins. Now, I *do* believe passwords can be made reasonably secure: http://goo.gl/jqV7w .. maybe even more secure than key/pairs which can be compromised stealing my laptop. So a few questions about your experiences: - Can I use public keys for heavily used sites (gmail, amazon, ...)? - Is openID a reasonable alternative? http://openid.net http://goo.gl/BOpg - Do you have a name/password strategy that you like? - Any other alternatives? -- Owen ============================================================ FRIAM Applied Complexity Group listserv Meets Fridays 9a-11:30 at cafe at St. John's College lectures, archives, unsubscribe, maps at http://www.friam.org
