Jonas Smedegaard writes:
> I dislike APG because it generates passwords difficult to remember -
> without aiding in how to deal with that, which has a high risk of
> passwords getting stored on physical notes in the top drawer...

Bruce Schneier recommends writing passwords down and then keeping the
document containing them secure.

"Never write a password down!" comes from the days when the typical user
had a single password which she used to log on to the Vax from the VT220
on her desk in her cubicle. The admonition was intended to stop her from
writing it on a Post-It note and sticking it on the corner of her
terminal (or, if she was security minded, hiding it under her blotter).
The sysadmins, who kept a copy of the root passsword in the safe, saw no
reason why she couldn't just memorize the damn thing.  It was only six
letters, after all, and if she forgot it they would give her a new one.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Reply via email to