My password for the password keeper is over sixteen chars in length. Since I wrote some password cracker routines myself I know that the permutation required to crack this is beyond most cpu powers. As a sysadmin for a hosting site I get requests to recover email login passwords, but the hash used to encrypt it works in such a way that you can verify that it is correct, but not reveal it. The only solution then is to submit a new password.
Walter -----Original Message----- From: Rufus Sent: Saturday, October 13, 2012 11:19 AM To: [email protected] Subject: Re: [Liveaboard] (no subject) > websites... generate individual passwords... regenerate from site name... Ditto. Always create a site specific password using some trivial (or not if you're real quick at that stuff) hash of part (or all) of the site name, possibly along with a numeric or odd-character string (probably constant); maybe add part of the site name to your "user-ID". It must be simple enough for you to always remember the formula so you can recreate it w/in a couple minutes when you return to a site (potentially several years) later. I got a dope slap when the Wine-HQ site password file got out a couple years ago and realized that while my financial access was untouched, I did not want Kid Scrippy accessing any of about a hundred sites in my name. This is no way high security - use something way better for anything like sensitive data; but it reduces the likelyhood of wholesale miscellaneous website access through your accounts by about 10x and it's pretty easy to implement. On sites you use a lot your fingers learn the drill pretty fast. Password keepers may be a good idea or may not. They're main weakness (assuming otherwise good design) is when the particular machine they're on is available to the thief because mmost folks I know use trivial passwords to access their password keeper - on accounta-becuz they're scared witless of forgetting the master password and locking themselves out of _everything_. Rufus _______________________________________________ Liveaboard mailing list [email protected] To adjust your membership settings over the web http://liveaboardonline.com/mailman/listinfo/liveaboard To subscribe send an email to [email protected] To unsubscribe send an email to [email protected] The archives are at http://www.liveaboardonline.com/pipermail/liveaboard/ To search the archives http://www.mail-archive.com/[email protected] The Mailman Users Guide can be found here http://www.gnu.org/software/mailman/mailman-member/index.html
