> I'm interested in cases where Mailman passwords have been abused. "Show me one instance where a nuclear reactor was brought down by an earthquake! Just one! Then I'll consider spending the $$ on it!"
-- Please do not email me anything that you are not comfortable also sharing with the NSA. On Oct 1, 2013, at 6:38 PM, Bill Frantz <fra...@pwpconsult.com> wrote: > On 10/1/13 at 1:43 PM, mar...@bluegap.ch (Markus Wanner) wrote: > >> Let's compare apples to apples: even if you manage to actually read the >> instructions, you actually have to do so, have to come up with a >> throw-away-password, and remember it. For no additional safety compared >> to one-time tokens. > > Let Mailman assign you a password. Then you don't have to worry about someone > collecting all your mailing list passwords and reverse engineering your > password generation algorithm. You'll find out what the password is in a > month. Save that email so you can make changes. Get on with life. > > Lets not increase the level of user work in cases where there isn't, in fact, > a security problem. > > I'm interested in cases where Mailman passwords have been abused. > > Cheers - Bill > > ----------------------------------------------------------------------- > Bill Frantz | If the site is supported by | Periwinkle > (408)356-8506 | ads, you are the product. | 16345 Englewood Ave > www.pwpconsult.com | | Los Gatos, CA 95032 > > _______________________________________________ > The cryptography mailing list > cryptography@metzdowd.com > http://www.metzdowd.com/mailman/listinfo/cryptography
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography