at bottom :- On 25/11/2017, Arun Khan <[email protected]> wrote: > XKCD PoV > <https://xkcd.com/936/> > > A PoV on long phrase like password. > <https://blog.codinghorror.com/password-rules-are-bullshit/> > > Password generator using Unicode inspired by above > <https://www.sethserver.com/unicode-random-password-generator.html> > > -- Arun Khan
<snipped> Dear Arun, <rant> Thank you for sharing those links. I have seen these on so many Indian sites including our own Income Tax Department ( to file ITR Returns) that it has become a joke. There is a term called 'Security theater' https://en.wikipedia.org/wiki/Security_theater which is apt for this occasion. To top it with the new Firefox release, you cannot even use addons like Certificate Patrol to see what kinds of TLS encryption the site https://addons.mozilla.org/en-US/firefox/addon/certificate-patrol/ . I have seen lots of reputable sites using pretty poor ciphers for encryption and for end-users there is no reasonable way for them to take a call as to what's best or needs to be changed, including most of the private and public banks. FWIW I have written to some banks whose customer I am and had been thinking of shifting to digitial platforms but haven't received any sort of substantial answers from them. What you have highlighted is that only 0.0001 percent fools like us want security and are a bit paranoid like us. The rest just go about their merry way. I don't have solutions other than building awareness on the bottom of the pyramid but that is kind of slow death. When people are ready to give their fb usernames and passwords at the drop of the hat without doing any social engineering than this feels like a long task </rant> I do wish we had better ways to enhance and mass-reach on sensitive topics like these. -- Regards, Shirish Agarwal शिरीष अग्रवाल My quotes in this email licensed under CC 3.0 http://creativecommons.org/licenses/by-nc/3.0/ http://flossexperiences.wordpress.com EB80 462B 08E1 A0DE A73A 2C2F 9F3D C7A4 E1C4 D2D8 _______________________________________________ plug-mail mailing list [email protected] http://list.plug.org.in/listinfo/plug-mail
