LastPass is good stuff, I have about 90% of my web passes generated by their password generation tool out as far as the website will support.
But that's just the first piece o'the pie. You can have a great password, and then Sony get's penetrated... - WJR On Thu, Aug 18, 2011 at 13:16, Hilderbrand, Doug < doug.hilderbr...@craneaerospace.com> wrote: > My perhaps misguided praise of SG aside, I still think he nailed the short > and complex versus long password issue. I use long teens and twenties long > character passwords at work with upper/lower case, numbers and punctuation. > They’re based on phrases, but look like gibberish. Though as Steve suggests > with his password haystack idea, I’m starting to pad some of my older > shorter passwords with extra characters. Not always the same character and > not always at the end.**** > > ** ** > > If guessing a password doesn’t work, brute force is all that’s left.**** > > ** ** > > And I like LastPass. I know they were in the news. They responded to the * > *possibility** of a hack exactly as a security company should have.**** > > ** ** > > Doug Hilderbrand | Systems Analyst, Information Technology | Crane > Aerospace & Electronics > > **** > > ** ** > > *From:* Jonathan Link [mailto:jonathan.l...@gmail.com] > *Sent:* Thursday, August 18, 2011 10:48 AM > > *To:* NT System Admin Issues > *Subject:* Re: Almost, but not quite OT: Passwords**** > > ** ** > > I was waiting for someone else to step up. Glad to see I'm not > disappointed.**** > > > > **** > > On Thu, Aug 18, 2011 at 1:39 PM, William Robbins <dangerw...@gmail.com> > wrote:**** > > Steve Gibson? Seriously? > **** > > ** ** > > http://www.theregister.co.uk/2006/01/21/wmf_fud_from_grc/**** > > http://www.theregister.co.uk/2001/06/25/steve_gibson_really_is_off/**** > > http://www.theregister.co.uk/2001/06/12/security_geek_developing_winxp_raw/ > **** > > > http://www.myharddrivedied.com/blog/why-spinrite-not-my-data-recovery-software-list > **** > > ** ** > > http://attrition.org/errata/charlatan/steve_gibson/**** > > ** ** > > http://allthatiswrong.wordpress.com/2009/10/11/steve-gibson-is-a-fraud/*** > * > > ** ** > > > - WJR > > **** > > On Thu, Aug 18, 2011 at 12:05, Hilderbrand, Doug < > doug.hilderbr...@craneaerospace.com> wrote:**** > > Find and listen to Steve Gibson’s explanation of his password haystacks > concept which this cartoon was based on. I think he’s spot on. Password > length wins over complexity. Put both together and there’s not enough > petaflops in the universe to crack the password. My opinion, YMMV.**** > > **** > > Steve Gibson and Leo Laporte do a weekly podcast on security. The last > couple have focused on how the internet works IP packets, tcp and udp > protocols and such which is pretty old hat for us admin types, but I find > the information Steve gives out to be fascinating. He gives blow-by-blow > explanations of hacks in the news, recent patches (MS and Adobe keep being > the top topics) plus other stuff creeps in too. Definitely look up his > “portable dog killer” and Vitamin D episodes. SPCA note: no animals were > harmed in the portable dog killer episode.**** > > **** > > Steve Gibson is one of my heroes. Sigh. Or would be if I actually had > heroes. If the name is not familiar, he’s the guy who wrote SpinRite.**** > > **** > > http://twit.tv/sn**** > > http://www.grc.com/securitynow.htm**** > > **** > > Doug Hilderbrand | Systems Analyst, Information Technology | Crane > Aerospace & Electronics**** > > **** > > *From:* Andrew S. Baker [mailto:asbz...@gmail.com] > *Sent:* Wednesday, August 10, 2011 2:06 PM**** > > > *To:* NT System Admin Issues**** > > *Subject:* Almost, but not quite OT: Passwords**** > > **** > > http://xkcd.com/936/# <http://xkcd.com/936/> > **** > > **** > > Yet, very pertinent.**** > > **** > > **** > > **** > > **** > > *ASB***** > > *http://about.me/Andrew.S.Baker***** > > *Harnessing the Advantages of Technology for the SMB market…***** > > **** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~**** > > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin**** > ------------------------------ > > Check out the new Crane Aerospace Electronics > Newsroom<http://newsroom.craneae.com/> > ! > Like us on > Facebook<http://www.facebook.com/home.php?#!/pages/Crane-Aerospace-Electronics/163305413682908> > ! > We value your opinion! <http://www.craneae.com/surveys/satisfaction.htm> How > may we serve you better? Please click the survey link to tell us how we are > doing: http://www.craneae.com/surveys/satisfaction.htm **** > > Your feedback is of the utmost importance to us. Thank you for your time.* > *** > > Crane Aerospace & Electronics Confidentiality Statement: > The information contained in this email message may be privileged and is > confidential information intended only for the use of the recipient, or any > employee or agent responsible to deliver it to the intended recipient. Any > unauthorized use, distribution or copying of this information is strictly > prohibited and may be unlawful. If you have received this communication in > error, please notify the sender immediately and destroy the original message > and all attachments from your electronic files.**** > ------------------------------ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~**** > > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin**** > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin**** > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin**** > ------------------------------ > > Check out the new Crane Aerospace Electronics > Newsroom<http://newsroom.craneae.com/> > ! > Like us on > Facebook<http://www.facebook.com/home.php?#!/pages/Crane-Aerospace-Electronics/163305413682908> > ! > We value your opinion! <http://www.craneae.com/surveys/satisfaction.htm> How > may we serve you better? Please click the survey link to tell us how we are > doing: http://www.craneae.com/surveys/satisfaction.htm > > Your feedback is of the utmost importance to us. Thank you for your time. > > Crane Aerospace & Electronics Confidentiality Statement: > The information contained in this email message may be privileged and is > confidential information intended only for the use of the recipient, or any > employee or agent responsible to deliver it to the intended recipient. Any > unauthorized use, distribution or copying of this information is strictly > prohibited and may be unlawful. If you have received this communication in > error, please notify the sender immediately and destroy the original message > and all attachments from your electronic files. > ------------------------------ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
