On Sep 12, 2011, at 8:02 AM, Jean-Christophe Helary wrote:

> 
>> On 12 Sep 2011, at 11:04, Jean-Christophe Helary wrote:
>> 
>>> I am not being paranoid but I am wondering, as a SOHO, what is the best 
>>> policy in terms of password management…
> 
> Thanks everybody for the suggestions.
> 
> Let me go back to my original problem.
> 
> 
> My problem is that physical access to the work machines means basically 
> access to all the passwords, whether I use Keychain or 1Password etc.
> 
> As the xkcd cartoon shows I could use easy to remember passwords, but as a 
> SOHO, what is the best way to manage them ?
> 
> Keep them in a safe on a piece of paper ? Always hand-login and never ask the 
> machine to remember them ? Change them every month ?
> 
> My understanding is that most password problems do not come from software 
> problems but from human problems. What is the best way to reduce the risks to 
> something acceptable ?
> 

Now we are veering off into the larger issue.  If you are really worried about 
passwords, don't use them.  Seriously, go to two-factor authentication with a 
one-time password.  RSA hack aside, one-time passwords as part of a two-factor 
auth would solve the problem.

The real problem you have is allowing users to properly manage existing 
passwords; an app like 1Password is designed for that.  It reduces what you 
have to remember so you can introduce complex passwords outside of the master 
password.  Combine that with the fact that it will paste login info into a web 
form, and key logging is harder.

You are trying to reduce the human factor; the only way to do that is to not 
let them manage their passwords themselves, hence the use of a tool to do so.  
I recommend 1Password because it works well, the developers are responsive, and 
it is cross platform and device.  1Password also stores a lot more than just a 
login.

--Larry
_______________________________________________
MacOSX-talk mailing list
http://www.omnigroup.com/mailman/listinfo/macosx-talk