> From: Givon Zirkind <givo...@gmx.com> > > On 12/20/2015 2:14 AM, Jeffrey Goldberg wrote: >> The problem you address is certainly real. And a lot of people have >> looked at various approaches over the decades. None, so far, is fully >> satisfactory. (I obviously believe that a well designed password >> manager is the best solution for most people available today, but I do >> not see them as the long term solution.) One common mistake > IMHO, the basic problem [on a meta level] is, that if you put all your > passwords [eggs] into one basket, all you have to do is steal the > basket. crack the master password to the password file and you have all > the passwords. > > old school, manually, ppl used to keep a rolodex of which files to look > in for the passwords to certain items. and, passwords would be hidden > in those files. obstensively, the CIA does this with files that need to > "disappear". e.g. keeping a record in the Atomic Energy Commissions > files of some covert op. with a cross reference that tells someone > where to find it. who's going to look through a warehouse of files to > find a record? it's like a needle in a haystack. if you could > implement that electronically, that would probably be the best way to > go. imho.
This particular needle got lost in the haystack of my inbox… very interesting idea. Do you have any preliminary ideas on how to implement that electronically? I am not sure where to begin. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
