Stewart Stremler wrote:
...on a post-it stuck underneath the keyboard, or on the slide-out
writing surface next to the desk.
Putting valuables in your sock drawer gives a warm feeling of security,
but hardly slows down an intruder.
You first assume that I have an intruder. And that he goes through my
sock drawer. And that he knows what he has when he finds the passwords.
But in reality this has never happened and is so unlikely that it is a
perfectly acceptable risk. I don't have meteoroid strike insurance on my
house either. Same idea.
A list of 47 passwords with no context is almost as bad as not writing
down the password at all, in some situations (e.g., three failed logins ->
lockout).
I don't have 47 passwords. I have 4. Remembering which goes to which is
not a problem in practice.
A sealed envelope in a locked container (firesafe, safe-deposit box,
etc.) or an encrypted list (remember just /one/ password) is more
advisable.
And you are the one always preaching security vs usability.
Either way, pick something where you're going to type the decrypting
passphrase every day; else you risk forgetting _that_.
Definitely. I use it regularly so as to never forget the password.
--
Tracy R Reed http://ultraviolet.org
A: Because we read from top to bottom, left to right
Q: Why should I start my reply below the quoted text
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
