Tracy R Reed wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Stewart Stremler wrote:
Watch what happens in practice when those sorts of constraints are
imposed. If losing the passphrase makes the hardware unavailable (and
remember that "Available" is part of security these days) user *will*
use post-its or sharpie-on-tape to associated the password with the
laptop.
That is perfectly fine! I *advocate* writing down passwords. In fact I
write my root passwords on post-its. It is better than choosing an
easily guessable password.
Just out of curiosity, do you "*advocate* writing down passwords" for
bank accounts? I realize it's not exactly the same thing, but I am curious.
I'm starting to get frustrated with the exponentially increasing number
of passwords I'm having to remember. I just had to think up another one
to create an account with bugzilla. That may not be a crucial password,
so I used one that may not be too awfully hard to crack. But its
another one I'll have to remember.
Occasionally, I have considered finding out how to set up an encrypted
file to store all non-crucial passwords. Maybe even set up a few
encrypted files to try to obscure it a little.
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
