I use 2-factor authentication on those sites that implement it, but I will not use a login from Google, for example, for anything besides logging into Google (which I never do anyway). I don't want Google to know every site I log into. I think it's creepy.

Since I use a password manager (1Password) there is very little cost in keeping a 20-character password (which I never type anyway) even for those sites with 2-factor authentication.

—Barry



On 18 Apr 2014, at 11:12, Owen Densmore wrote:

I've been getting a trickle of "time to change your password" emails due
to Heartbleed.

So once again, the issue of a good password strategy comes up.

In the perfect world, I'd love the 2-factor approach: password + generated
PIN.  Especially if a single PIN generator could be used, like Google
Authenticator.

In addition, lots of sites let you log in with Google, Facebook, Twitter and others. So if we have a small number of 2-factor providers, the hassle
would be minimized.

Why would this be useful?  You could use a small set of passwords for
various 2-factor providers and attach your several hundred logins to them. You could also use much simpler passwords, because password vulnerability would no longer completely expose you to the bad guys, unless they steal
your mobile devices (phone, tablet, etc.).

Google has the notion of "trusted devices" which reduces the
PIN annoyance on your own devices: laptop, phone, tablet etc. It also has backup passwords for apps/devices which cannot manage the 2-factor login.
It's been fine for me for over a year.

Is it time to migrate to 2-factor as much as one can?

 -- Owen
============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
