On Sat, Jun 20, 2015 at 1:56 PM, Paul Hill <[email protected]> wrote:

> Did you audit the encryption method they use and can you be 100% confident
> it will take several decades to decrypt?  Would you bet your bank balance?

Paul: Thank you for your faith in my abilities. Even though I'm a math
major, too smart for my own good, and have, ahem-ahem, decades of
software development experience, crypto software is a speciality I
would not depend on my skills to ensure.

People I trust review papers [1] that indicate it is not a poor choice.

[1] https://www.schneier.com/blog/archives/2014/09/security_of_pas.html

Re: 100% confident, decades: no, of course not. I regularly change passwords.

Re: bet my bank balance? No. Passwords for bank accounts and key
credit card accounts are in that slip of paper in the wallet, like
Ken's, although I prefer the index card box. And changed routinely. And
used on a machine carefully checked for security issues, never a
public machine or someone else's network.

> If I was in your shoes I would change my passwords.  Seriously.

I do change my passwords, light-heartedly. Life is too short.

Security is a process and not a feature.  You always choose to trade
convenience for some absolute security.

> I'm concerned this is not good enough due to keyloggers etc.
> A YubiKey may solve this.

And how do you review the source code for the firmware in a YubiKey?

-- 
Ted Roche
Ted Roche & Associates, LLC
http://www.tedroche.com
