The whole Gawker thing was quite ridiculous. I'd never heard of Gawker until this breach occurred, and now sites like LinkedIn (which I am a member of) require me to change my password, just because my email was amongst those stolen from Gawker. One would have to assume that my "Gawker" password was invalid since I'd never signed up to it.
Do social websites really need to "pad" their membership lists with email addresses harvested off the web? I'm continuously spammed by Plaxo even though as far as I can tell you need to have a Windows computer to use it, so never bothered with that either. Cheers On Wed, Dec 22, 2010 at 12:44:02PM -0700, Douglas Roberts wrote: > I use dropbox to keep an encrypted document of all my passwords too. Good > old gpg. Now, if I could just remember my pass phrase... > > --Doug > > On Wed, Dec 22, 2010 at 12:25 PM, Roger Critchlow <[email protected]> wrote: > > > I just moved my keepassx password vault onto my dropbox folder, and > > installed the android keepassx client on my phone. > > > > Seems that every few days I get an email from some online account that > > noticed my email address in the compromised gawker data and wonders if I > > should change my password. But the bulk of the accounts, which all used the > > same email address, haven't been heard from. > > > > -- rec -- > > > > On Wed, Dec 22, 2010 at 9:57 AM, Owen Densmore <[email protected]>wrote: > > > >> I recently added a mac mini to my digital ecology, and it got me bustling > >> about tidying up a bit. > >> > >> One area is logins. I fixed the mini so that I can ssh to it, but only > >> via crypto (ssh-keygen) keys. I had a port-scan within 2 hours of > >> forwarding port 22 from my airport, so feel that passwords simply are a Bad > >> Idea in this day and age. > >> > >> My ISP also lets me use key pairs so that got me thinking about > >> alternatives to name/password logins. > >> > >> Now, I *do* believe passwords can be made reasonably secure: > >> http://goo.gl/jqV7w .. maybe even more secure than key/pairs which can be > >> compromised stealing my laptop. > >> > >> So a few questions about your experiences: > >> - Can I use public keys for heavily used sites (gmail, amazon, ...)? > >> - Is openID a reasonable alternative? http://openid.net > >> http://goo.gl/BOpg > >> - Do you have a name/password strategy that you like? > >> - Any other alternatives? > >> > >> -- Owen > >> > >> > >> > >> ============================================================ > >> FRIAM Applied Complexity Group listserv > >> Meets Fridays 9a-11:30 at cafe at St. John's College > >> lectures, archives, unsubscribe, maps at http://www.friam.org > >> > > > > > > ============================================================ > > FRIAM Applied Complexity Group listserv > > Meets Fridays 9a-11:30 at cafe at St. John's College > > lectures, archives, unsubscribe, maps at http://www.friam.org > > > > > > -- > Doug Roberts > [email protected] > [email protected] > 505-455-7333 - Office > 505-670-8195 - Cell > ============================================================ > FRIAM Applied Complexity Group listserv > Meets Fridays 9a-11:30 at cafe at St. John's College > lectures, archives, unsubscribe, maps at http://www.friam.org -- ---------------------------------------------------------------------------- Prof Russell Standish Phone 0425 253119 (mobile) Mathematics UNSW SYDNEY 2052 [email protected] Australia http://www.hpcoders.com.au ---------------------------------------------------------------------------- ============================================================ FRIAM Applied Complexity Group listserv Meets Fridays 9a-11:30 at cafe at St. John's College lectures, archives, unsubscribe, maps at http://www.friam.org
