Jonas Smedegaard writes: > I dislike APG because it generates passwords difficult to remember - > without aiding in how to deal with that, which has a high risk of > passwords getting stored on physical notes in the top drawer...
Bruce Schneier recommends writing passwords down and then keeping the document containing them secure. "Never write a password down!" comes from the days when the typical user had a single password which she used to log on to the Vax from the VT220 on her desk in her cubicle. The admonition was intended to stop her from writing it on a Post-It note and sticking it on the corner of her terminal (or, if she was security minded, hiding it under her blotter). The sysadmins, who kept a copy of the root passsword in the safe, saw no reason why she couldn't just memorize the damn thing. It was only six letters, after all, and if she forgot it they would give her a new one. -- John Hasler jhas...@newsguy.com Elmwood, WI USA
