Re: Watch out for Bezeq
On Sun, Sep 01, 2013, Mord Behar wrote about Watch out for Bezeq: receipts and stuff. When I signed up I provided a username and a password. Which they then sent me to my email address in plaintext. So just a reminder: don't reuse passwords, and use a throw-away password for bezeq. This is a very important general advice, that has nothing to do with Bezeq - don't reuse passwords for different services. Remember the old adage - don't write passwords down? Forget you ever heard that piece of advice. It is a load of crock. Do use different a password for each service, and *do* write them down (on paper or on a computer file). If you do not write your passwords down, you'll be tempted to re-use a password that you already remember :( As an example of what can happen because of reusing passwords: Three years ago, some cracker broke into the gmail accounts of thousands of Israelis. How? He broke into the web-site of some Israeli pizza chain, and stole their password files. People who created an account on that site (for ordering pizzas) were ask to supply their email address, and also a new username and password, and the cracker now had all of those. All he had to do next is to go to each gmail account on that email address list, and try the password given to the pizza site. Next, he went to Facebook, and tried his luck with the same username and password. For a large percentage of the idiots^H^H^H^H^H^Husers, the password was the same password used for the gmail/facebook account. See http://www.ynet.co.il/articles/0,7340,L-3921182,00.html -- Nadav Har'El| Monday, Sep 2 2013, 27 Elul 5773 n...@math.technion.ac.il |- Phone +972-523-790466, ICQ 13349191 |Luck is when preparation meets http://nadav.harel.org.il |opportunity. - Richard Sherman ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Watch out for Bezeq
On Sun, Sep 1, 2013 at 3:04 PM, Mord Behar mord...@gmail.com wrote: Just a general heads up: I recently registered on the Bezeq site in order to be able to view my receipts and stuff. When I signed up I provided a username and a password. Which they then sent me to my email address in plaintext. So just a reminder: don't reuse passwords, and use a throw-away password for bezeq. Have a Shanna Tova! I have so much to add under the idea Watch out for Bezeq. Too bad that they only happen to be the least-worst infrastructure in Israel. Go sign up for Lastpass, my entire office is now using it. I lets you set up individual passwords for every site, and they are encrypted locally. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Watch out for Bezeq
On Mon, Sep 2, 2013 at 1:21 PM, Dotan Cohen dotanco...@gmail.com wrote: Go sign up for Lastpass, my entire office is now using it. I lets you set up individual passwords for every site, and they are encrypted locally. And remotely (on there servers) P.S, You can use it with Firefox on you mobile device (as firefox addon), just a note, that if you set the Password Iterations too high (5000 by there recommendation) it will increase Firefox loading time significantly -- *Rabin* ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Watch out for Bezeq
plug PasswordSafe http://pwsafe.org, while mainly developed for Windows, has usable buildshttps://sourceforge.net/projects/passwordsafe/files/Linux-BETA/0.91/for deb rpm distros. Artistic License 2.0 http://www.opensource.org/licenses/artistic-license-2.0.php. /plug disclaimerI'm the admin/lead developer of PasswordSafe/disclaimer On Mon, Sep 2, 2013 at 2:10 PM, Rabin Yasharzadehe ra...@rabin.io wrote: On Mon, Sep 2, 2013 at 1:21 PM, Dotan Cohen dotanco...@gmail.com wrote: Go sign up for Lastpass, my entire office is now using it. I lets you set up individual passwords for every site, and they are encrypted locally. And remotely (on there servers) P.S, You can use it with Firefox on you mobile device (as firefox addon), just a note, that if you set the Password Iterations too high (5000 by there recommendation) it will increase Firefox loading time significantly -- *Rabin* ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Ubi dubium, ibi libertas (where there is doubt, there is freedom) ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Watch out for Bezeq
Rabin Yasharzadehe ra...@rabin.io writes: On Mon, Sep 2, 2013 at 1:21 PM, Dotan Cohen dotanco...@gmail.com wrote: Go sign up for Lastpass, my entire office is now using it. I lets you set up individual passwords for every site, and they are encrypted locally. And remotely (on there servers) And if you are loath to keeping passwords on anyone else's server, Firefox has a built-in password manager that can be protected by a master password. KDE has a built-in wallet, too. Both are local to your machine (FF can be synced, I presume), unlike Lastpass and frends. But do make sure you have a master password on FF (it's a setting), and do not try the same thing with Chrome that does not believe in passwords at all - cf. http://www.theregister.co.uk/2013/08/08/browser_password_poll/. -- Oleg Goldshmidt | p...@goldshmidt.org ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Watch out for Bezeq
2013/9/2 Oleg Goldshmidt p...@goldshmidt.org: Rabin Yasharzadehe ra...@rabin.io writes: On Mon, Sep 2, 2013 at 1:21 PM, Dotan Cohen dotanco...@gmail.com wrote: Go sign up for Lastpass, my entire office is now using it. I lets you set up individual passwords for every site, and they are encrypted locally. And remotely (on there servers) And if you are loath to keeping passwords on anyone else's server, Firefox has a built-in password manager that can be protected by a master password. KDE has a built-in wallet, too. Both are local to your machine (FF can be synced, I presume), unlike Lastpass and frends. But do make sure you have a master password on FF (it's a setting), and do not try the same thing with Chrome that does not believe in passwords at all - cf. http://www.theregister.co.uk/2013/08/08/browser_password_poll/. keepassx is another great cross platform solution... works on windows/linux/OS X (and most importantly for me has a n900 build), not based on the browser so you can also use it for other applications http://www.keepassx.org/features/ Regards, Eliyahu - אליהו -- Oleg Goldshmidt | p...@goldshmidt.org ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
password managers (was: Re: Watch out for Bezeq
It's also important to consider smart phone access. I use password gorilla on my ubuntu laptops, passwdsafe on my android, and i sync the common database via ubuntu one. On 09/02/2013 04:49 AM, ronys wrote: plug PasswordSafe http://pwsafe.org, while mainly developed for Windows, has usable buildshttps://sourceforge.net/projects/passwordsafe/files/Linux-BETA/0.91/for deb rpm distros. Artistic License 2.0 http://www.opensource.org/licenses/artistic-license-2.0.php. /plug disclaimerI'm the admin/lead developer of PasswordSafe/disclaimer On Mon, Sep 2, 2013 at 2:10 PM, Rabin Yasharzadehe ra...@rabin.io wrote: On Mon, Sep 2, 2013 at 1:21 PM, Dotan Cohen dotanco...@gmail.com wrote: Go sign up for Lastpass, my entire office is now using it. I lets you set up individual passwords for every site, and they are encrypted locally. And remotely (on there servers) P.S, You can use it with Firefox on you mobile device (as firefox addon), just a note, that if you set the Password Iterations too high (5000 by there recommendation) it will increase Firefox loading time significantly -- *Rabin* ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Michael Shiloh teachmetomake.com/wordpress KA6RCQ Educational Materials coordinator at Arduino.cc Electronics, Robotics, Digital Fabrication, and Arduino educator California College of the Arts San Francisco Art Institute San Francisco State University ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il