On 12/18/2015 6:35 PM, Ondrej Mikle wrote:
1) No matter how strong your password is, it will leak if you reuse it, because
attackers hack badly secured sites/databases - this is in no way surprising, but
it's "new" to non-tech-savvy people.
constantly or periodically changing your master password, is the common
solution to this problem.
2) U2F, "Universal 2-Factor", is probably the best solution now - very usable,
"kind of" wide-spread (see http://www.dongleauth.info/). Yubikey Neo and Yubikey
4 are the best sample devices that implement this. You plug in the token in USB
slot and touch the button (malware cannot physically touch the button - this is
very important in the design!).
old school, but, imho, the best solution, a hardware lock on a device, a
USB drive, is the best way to protect access to your files.
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
