On Sep 12, 2011, at 3:04, Jean-Christophe Helary <[email protected]> wrote:
> I've tried something last night.
>
> Instead of using normal passwords with different patterns, like
> "ILoveMyKids9876" or "9876ILoveMyKids", I've decided to generate random
> strings of dozens of characters, one for each place where I need to use a
> password.
>
> I've put all those strings in a Keychain Access note, in a form that's tricky
> enough to not be understood right away but then, I realized that:
>
> 1) everything in Keychain Access is available with the user login password
> 2) every time I tell OSX to remember such and such password, it is stored in
> a trivially easy to understand way in Keychain
> 3) if I am away from my machine I have _no_ way to remember any of the
> passwords I have, which keeps me from accessing a lot of online facilities
> (banks etc). Even worse if the machine dies...

Well, first off, don't have a trivial login password. Second off, don't have your login password be your keychain password. Third of all, rethink password complexity. Fourth, use a password manager like 1Password.

For complexity, it turns out that random strings of characters are hard for people to remember, but no harder for computers to crack. Setting a password to 12345667890Frodolives is just as effective as SEkMTgJceGXCWb6hf97H.

Also, consider what the password is for. If you use unique passwords everywhere then, for example, she sting on the humus lovers web board, you don't care that much if someone logs in as you, so a password like IheartHumus3 is probably just fine. Heck, a password like ziggy45 is probably fine.

For your bank, you will want to up the entropy, but that doesn't mean upping the complexity to the point you can't remember it. ILuvz-my-money's&stocks is 23 characters and includes upper and lower case, numbers, and special characters. It's a BETTER password from the point of view of cracking than SEkMTgJceGXCWb6hf97H because it is longer. Now, does your bank password need to be 23 characters? Probably not, but it's not going to hurt.

For portability, 1Password works perfectly with Dropbox. I had some issues with Dropbox as they moved to a more secure model as required by Safari 5.1, but the browser extensions seem to have pretty much settled down now and everything works.

My recommendations on what people use for passwords have completely changed over the last year or so. Length is the most important feature of a secure password, and most passwords don't need to be longer than 8-10 characters.

_______________________________________________
MacOSX-talk mailing list
[email protected]
http://www.omnigroup.com/mailman/listinfo/macosx-talk
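
An added example, not part of the original message: a small calculator for the exhaustive-search space of the passwords quoted in the reply above, so the length comparison can be checked. It assumes an attacker who tries every string over the character classes a password uses (the function names and the four-class model are this example's own); it does not model dictionary or pattern-based guessing.

```python
import math
import string

# Assumption: the attacker's alphabet is the union of the ASCII character
# classes that appear in the password (a common brute-force model).
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}

def classes_used(password):
    """Return the names of the character classes present in the password."""
    return [name for name, chars in CLASSES.items()
            if any(c in chars for c in password)]

def alphabet_size(password):
    """Number of symbols in the class-based alphabet covering the password."""
    return sum(len(CLASSES[name]) for name in classes_used(password))

def brute_force_bits(password):
    """log2 of the exhaustive-search space: length * log2(alphabet size)."""
    size = alphabet_size(password)
    return len(password) * math.log2(size) if size else 0.0

def rank(passwords):
    """Sort passwords from largest to smallest brute-force search space."""
    return sorted(passwords, key=brute_force_bits, reverse=True)

# The example passwords quoted in the message above.
SAMPLES = [
    "ziggy45",
    "IheartHumus3",
    "SEkMTgJceGXCWb6hf97H",
    "12345667890Frodolives",
    "ILuvz-my-money's&stocks",
]

if __name__ == "__main__":
    for pw in rank(SAMPLES):
        print(f"{len(pw):2d} chars  {alphabet_size(pw):2d}-symbol alphabet  "
              f"{brute_force_bits(pw):6.1f} bits  {pw}")
```
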
