I'll provide a data point, FWIW. We are moving our companies' servers to Amazon, and generally we have only the ssh port open in addition to any public-facing ports necessary for that particular machine, such as http and https. All ssh authentication is done by public keys. I have passphrases on any private keys that are on machines that I take out of the office -- my iPhone and iPad and laptop.
I love 1Password. I have about 208 passwords stored in it. There's no way I could remember a fraction of them, so this is what makes having a separate password for every site possible. The 1Password database is encrypted and on Dropbox, so all my devices and PCs share the same database. I also have a handful of "rememberable" passwords for my laptop login, my Apple ID, and my Dropbox password.

There was a famous hack last summer where a hacker got control of a person's iCloud mail account. Once he had that, he was able to change passwords on a number of other accounts by using the "Forgot password?" links. Then he remotely wiped the user's laptop, phone, and iPad. The moral there was that the Dropbox account, holding the remaining copy of the 1Password database, needs to be accessible without 1Password.

One of my employees has a program that will generate memorizable 11-character passwords; it knows enough about word structure that it makes nonsense words that can be pronounced. Very useful.

My one password to open 1Password is memorized, 27 characters long, and generated by the "roll 6 dice, map the result to a word from this dictionary, and repeat 5 times" algorithm.

--B

On Jan 29, 2013, at 9:26 AM, Owen Densmore wrote:

> I realize password managers (keepass, 1password, ..) can generate
> gibberish passwords, any length you'd like. But it'd be nice to be
> able to remember them yourself. Besides, password managers don't work
> everywhere in these days of the "app" because they are browser
> centric.
============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
