On Sep 12, 2011, at 8:34 AM, Scott G. Lewis wrote:
1) Easily managing MULTIPLE accounts per website. If I logon to MobileMe, it
auto fills. If I logon to a Google site, it gives me a list of all my saved
credentials, and then autofills after I choose one.
Keychain does this btw. Just type
where I need to use a
password.
[snip]
I am not being paranoid but I am wondering, as a SOHO, what is the best
policy in terms of password management…
http://xkcd.com/936/
+ add the name of the service as one of the words.
Ok, that's good for password creation, but what about
random
strings of dozens of characters, one for each place where I need to use a
password.
[snip]
http://xkcd.com/936/
+ add the name of the service as one of the words.
Ok, that's good for password creation, but what about password management ?
https://agilebits.com/products/1Password
On Sep 12, 2011, at 6:02, Jean-Christophe Helary
jean.christophe.hel...@gmail.com wrote:
My problem is that physical access to the work machines means basically
access to all the passwords, whether I use Keychain of 1Password etc.
No it does not. What makes you think that? It's not true of
On Sep 12, 2011, at 9:56 PM, LuKreme wrote:
On Sep 12, 2011, at 6:02, Jean-Christophe Helary
jean.christophe.hel...@gmail.com wrote:
My problem is that physical access to the work machines means basically
access to all the passwords, whether I use Keychain of 1Password etc.
No it does
On Mon, Sep 12, 2011 at 10:05, William Ehrich ehr...@clear.net wrote:
How long would it take to try 20 wrong passwords to get into your bank
account or whatever? Try it.
Phishing, especially spear phishing, works better.
I don't think anyone is going to break into a bank account by
attacking
On Sep 12, 2011, at 8:02 AM, Jean-Christophe Helary wrote:
On 12 Sep 2011, at 11:04, Jean-Christophe Helary wrote:
I am not being paranoid but I am wondering, as a SOHO, what is the best
policy in terms of password management…
Thanks everybody for the suggestions.
Let me go back
for thousands of years. But maybe
I'm missing something obvious.
Remembering computer passwords has hardly been a multi-thousand year problem.
Nor is 1Password the first password management software, and all things
considered, perhaps not even the one most in use. It's about the most elegant
Ok, I've sent two messages now, and it's been cut off. I don't know why. This will be my last attempt to post, since I don't want to flood the list. I'll try just pasting the cut portion that didn't make the list. Apologies... if it doesn't work, trust that I had more to say then just that
On Sep 12, 2011, at 5:02 AM, Jean-Christophe Helary wrote:
Thanks everybody for the suggestions.
Let me go back to my original problem.
My problem is that physical access to the work machines means basically
access to all the passwords, whether I use Keychain of 1Password etc.
Not so.
On Mon, 12 Sep 2011, Macs R We wrote:
} Use a keychain password that is NOT your login password, and have it
} re-lock after five minutes and any time the machine sleeps or the screen
} saver turns on. Memorize the hotkey for making your screen saver come
} on
On Mon, Sep 12, 2011 at 11:49 AM, Macs R We macs...@macsrwe.com wrote:
On Sep 12, 2011, at 5:02 AM, Jean-Christophe Helary wrote:
Thanks everybody for the suggestions.
Let me go back to my original problem.
My problem is that physical access to the work machines means basically
access to
On Sep 12, 2011, at 8:22, Arno Hautala a...@alum.wpi.edu wrote:
Complex passwords are for protecting against the situation where the
bank's salted password database is stolen and the attacker starts to
brute force each hash.
Yes, but the idea of what is. Implied has changed. It's not about
On Sep 12, 2011, at 10:05, George N. White III gnw...@gmail.com wrote:
the bad guy just has to
pop a smoke grenade, yell fire, wait for everyone to run out the door
and get to your machine before the screen saver kicks in,
Are you working for the CIA or NSA? Do you have nuclear launch codes
On Mon, Sep 12, 2011 at 12:06, LuKreme krem...@kreme.com wrote:
On Sep 12, 2011, at 8:22, Arno Hautala a...@alum.wpi.edu wrote:
Though most banks probably just store it plaintext anyway.
I hope we've gotten beyond that.
Wishes and horses.
I haven't checked recently, but a few months ago
On Sep 12, 2011, at 9:05 AM, George N. White III wrote:
http://computer-forensics.sans.org/blog/2011/01/28/mac-os-forensics-howto-simple-ram-acquisition-analysis-mac-memory-reader-part-1
found clear-text passwords in memory -- the bad guy just has to
pop a smoke grenade, yell fire, wait for
16 matches
Mail list logo
